#!/bin/bash

# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#

#   runtest.sh of /CoreOS/openCryptoki/Sanity/bz1054661-init-token-as-a-nonroot-user

#   Description: basic token initialization as a nonroot user

#   Author: Karel Srot <ksrot@redhat.com>

#

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#

#   Copyright (c) 2014 Red Hat, Inc.

#

#   This copyrighted material is made available to anyone wishing

#   to use, modify, copy, or redistribute it subject to the terms

#   and conditions of the GNU General Public License version 2.

#

#   This program is distributed in the hope that it will be

#   useful, but WITHOUT ANY WARRANTY; without even the implied

#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR

#   PURPOSE. See the GNU General Public License for more details.

#

#   You should have received a copy of the GNU General Public

#   License along with this program; if not, write to the Free

#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,

#   Boston, MA 02110-1301, USA.

#

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Include Beaker environment

. /usr/share/beakerlib/beakerlib.sh || exit 1

PACKAGE="opencryptoki"

USER="user$RANDOM"

TESTDIR=`pwd`

rlJournalStart

    rlPhaseStartSetup

        rlRun "rlImport nvr/nvr" || rlDie "cannot import distribution/nvr library"

	# need to find out the library path so a user can import it too

	rlRun "rlImport ./token-manipulation" 2> import.log || rlDie "Could not import opencryptoki/token-manipulation library"

	LIBPATH=`grep 'Will try to import .\/token-manipulation from' import.log | sed 's/^.*token-manipulation from//'`

	echo "LIBPATH=$LIBPATH"

        rlAssertRpm $PACKAGE

        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"

        rlRun "pushd $TmpDir"

	rlRun "useradd -m $USER -G pkcs11"

	rlServiceStop pkcsslotd

	rlRun "pkcsResetTokens"

	rlServiceStart pkcsslotd

    rlPhaseEnd

    rlPhaseStartTest "listing available tokens as a testuser"

	rlRun "su $USER -c 'pkcsconf -t' &> query1.log"

	cat query1.log

    if nvrTestPackage opencryptoki '<' 3.14.0; then

	    rlAssertGrep "Model: IBM SoftTok" query1.log

    else

        rlAssertGrep "Model: Soft " query1.log

    fi

    rlPhaseEnd

  # initialize every token available

  for SLOT in `sed -n 's/^Token #\([0-9]\).*/\1/gp' query1.log`; do

    rlPhaseStartTest "initialize token #$SLOT"

	rlRun "su $USER -c 'source $LIBPATH && pkcsInitToken $SLOT'"

	rlRun "su $USER -c 'pkcsconf -t -c $SLOT' &> query2.log"

	cat query2.log

	rlAssertGrep 'Flags:.*LOGIN_REQUIRED.*USER_PIN_INITIALIZED.*TOKEN_INITIALIZED' query2.log -E

    rlPhaseEnd

  done

    rlPhaseStartCleanup

	rlServiceStop pkcsslotd

	rlRun "pkcsRestoreTokens"

	    rlServiceRestore pkcsslotd

        rlRun "popd"

        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"

        rlLog "Waiting 12 for systemd --user process to exit..."

        sleep 15

        rlRun "userdel -r $USER" || ps -ef

    rlPhaseEnd

rlJournalPrintText

rlJournalEnd