1 # Copyright 2018 The Chromium OS Authors. All rights reserved. 2 # Use of this source code is governed by a BSD-style license that can be 3 # found in the LICENSE file. 4 5 import json 6 import os 7 8 from autotest_lib.client.bin import utils 9 from autotest_lib.client.common_lib import error 10 from autotest_lib.client.cros.enterprise import enterprise_policy_base 11 12 13 class login_SavePassword(enterprise_policy_base.EnterprisePolicyTest): 14 """ 15 Test to make sure that during logon, the user's password is defined in the 16 keyring if and only if the ${PASSWORD} variable is defined in the user's 17 OpenNetworkConfiguration policy. 18 19 """ 20 21 version = 1 22 23 def initialize(self): 24 """ 25 Initialize this test. 26 27 """ 28 super(login_SavePassword, self).initialize() 29 30 def run_once(self, onc_definition, expect_password): 31 """ 32 Run the test. 33 34 @param onc_definition: Filename containing an OpenNetworkConfiguration 35 definition. 36 37 @param expect_password: True if the password is expected to be present 38 in the keyring, False otherwise. 39 40 """ 41 with open(os.path.join(self.bindir, onc_definition)) as f: 42 data = json.load(f) 43 self.setup_case(user_policies={'OpenNetworkConfiguration': data}) 44 45 # Check the /proc/keys file to see if a password key is defined. 46 password_file_cmd = 'cat /proc/keys | grep password:' 47 try: 48 output = utils.run(password_file_cmd).stdout 49 # If there is a password key, check to see the password is the same. 50 saved_password = utils.run("keyctl pipe 0x" + 51 output.split(" ")[0]).stdout 52 # self.password is set by the base class 53 if expect_password and saved_password != self.password: 54 raise error.TestFail( 55 'Password is not saved for ONC with ${PASSWORD} ' 56 'variable. Expected: %s Saved: %s', 57 self.password, saved_password) 58 elif not expect_password and saved_password: 59 raise error.TestFail( 60 'Password is saved but ONC did not have ${PASSWORD} ' 61 'variable') 62 except error.CmdError: 63 if expect_password: 64 raise error.TestFail( 65 'Password is not saved for ONC with ${PASSWORD} ' 66 'variable') 67