Project

General

Profile

Feature #8889

Feature #8541: Write regression tests and tests for new features

Automatically test that Tor runs with Seccomp enabled

Added by intrigeri almost 5 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Test suite
Target version:
Start date:
02/11/2015
Due date:
% Done:

100%

Feature Branch:
kytv:test/8889-tor-seccomp
Type of work:
Code
Blueprint:
Starter:
Affected tool:

Description

Unless the user has chosen advanced Tor configuration in the Greeter, thanks to #8174 Tor should run in seccomp "filter" mode. That is, the Seccomp entry in /proc/$(pidof tor)/status should have the value "2". We should test that automatically, in order to identify regressions in this area.

Reference: http://man7.org/linux/man-pages/man5/proc.5.html


Related issues

Blocked by Tails - Bug #8174: Build Tor with seccomp Resolved 10/26/2014

Associated revisions

Revision 3a02554f
Added by Tails developers almost 5 years ago

Merge remote-tracking branch 'kytv/test/8889-tor-seccomp' into devel

Fix-committed: #8889

History

#1 Updated by intrigeri almost 5 years ago

  • Description updated (diff)

#2 Updated by intrigeri almost 5 years ago

  • Blocked by Bug #8174: Build Tor with seccomp added

#3 Updated by kytv almost 5 years ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from kytv to anonym
  • % Done changed from 0 to 50
  • QA Check set to Ready for QA
  • Feature Branch set to kytv:test/8889-tor-seccomp

With an ISO built from the devel branch a few days ago:

call returned: [0, "", ""]
    And Tor is ready                                                     # features/step_definitions/common_steps.rb:297
calling as root: awk '/^Seccomp:/{print $2}' /proc/$(pidof tor)/status
call returned: [0, "0\n", ""]
    Then the running process "tor" is confined with Seccomp              # features/step_definitions/checks.rb:144
      tor not confined with Seccomp.
      <2> expected but was
      <0>. (MiniTest::Assertion)
      ./features/step_definitions/checks.rb:147:in `/^the running process "(.+)" is confined with Seccomp$/'
      features/checks.feature:51:in `Then the running process "tor" is confined with Seccomp'

With an ISO built from the devel branch today:

    And Tor is ready                                                     # features/step_definitions/common_steps.rb:297
calling as root: awk '/^Seccomp:/{print $2}' /proc/$(pidof tor)/status
call returned: [0, "2\n", ""]
    Then the running process "tor" is confined with Seccomp              # features/step_definitions/checks.rb:144

#4 Updated by intrigeri almost 5 years ago

  • Assignee changed from anonym to kytv
  • QA Check changed from Ready for QA to Info Needed

Any reason to use execute instead of execute_successfully? Granted, the next assert will fail in some way if the command failed, but still, IMO it's good to get into the habit of using the autodying wrapper instead of the laxist one.

#5 Updated by intrigeri almost 5 years ago

  • QA Check changed from Info Needed to Dev Needed

Also, better parse text on the host system (in Ruby) than with shell+awk+etc. in the system under test.

#6 Updated by intrigeri almost 5 years ago

  • Target version changed from Tails_1.3.2 to Tails_1.3

Looks like this will be ready in time for 1.3 :)

#7 Updated by kytv almost 5 years ago

  • Assignee changed from kytv to anonym
  • Target version changed from Tails_1.3 to Tails_1.3.2
  • QA Check changed from Dev Needed to Ready for QA

Now using ruby instead of going out to a shell.

#8 Updated by kytv almost 5 years ago

  • Target version changed from Tails_1.3.2 to Tails_1.3

#9 Updated by Tails almost 5 years ago

  • Status changed from In Progress to 11
  • % Done changed from 50 to 100

Applied in changeset commit:8bf84004f25cb8731fb76fff8f40b67beb1ef516.

#10 Updated by intrigeri almost 5 years ago

  • Assignee deleted (anonym)
  • QA Check changed from Ready for QA to Pass

Merged, thanks!

#11 Updated by BitingBird almost 5 years ago

  • Status changed from 11 to Resolved

Also available in: Atom PDF