#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/openCryptoki/Sanity/bz1054661-init-token-as-a-nonroot-user
# Description: basic token initialization as a nonroot user
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2014 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="opencryptoki"
USER="user$RANDOM"
TESTDIR=`pwd`
rlJournalStart
rlPhaseStartSetup
rlRun "rlImport nvr/nvr" || rlDie "cannot import distribution/nvr library"
# need to find out the library path so a user can import it too
rlRun "rlImport ./token-manipulation" 2> import.log || rlDie "Could not import opencryptoki/token-manipulation library"
LIBPATH=`grep 'Will try to import .\/token-manipulation from' import.log | sed 's/^.*token-manipulation from//'`
echo "LIBPATH=$LIBPATH"
rlAssertRpm $PACKAGE
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlRun "useradd -m $USER -G pkcs11"
rlServiceStop pkcsslotd
rlRun "pkcsResetTokens"
rlServiceStart pkcsslotd
rlPhaseEnd
rlPhaseStartTest "listing available tokens as a testuser"
rlRun "su $USER -c 'pkcsconf -t' &> query1.log"
cat query1.log
if nvrTestPackage opencryptoki '<' 3.14.0; then
rlAssertGrep "Model: IBM SoftTok" query1.log
else
rlAssertGrep "Model: Soft " query1.log
fi
rlPhaseEnd
# initialize every token available
for SLOT in `sed -n 's/^Token #\([0-9]\).*/\1/gp' query1.log`; do
rlPhaseStartTest "initialize token #$SLOT"
rlRun "su $USER -c 'source $LIBPATH && pkcsInitToken $SLOT'"
rlRun "su $USER -c 'pkcsconf -t -c $SLOT' &> query2.log"
cat query2.log
rlAssertGrep 'Flags:.*LOGIN_REQUIRED.*USER_PIN_INITIALIZED.*TOKEN_INITIALIZED' query2.log -E
rlPhaseEnd
done
rlPhaseStartCleanup
rlServiceStop pkcsslotd
rlRun "pkcsRestoreTokens"
rlServiceRestore pkcsslotd
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlLog "Waiting 12 for systemd --user process to exit..."
sleep 15
rlRun "userdel -r $USER" || ps -ef
rlPhaseEnd
rlJournalPrintText
rlJournalEnd