QA Regression Testing

Merge lp:~kissiel/qa-regression-testing/kernel-sec-py3-friendly into lp:qa-regression-testing

  1. kernel-sec-py3-friendly
  2. Merge into master
Proposed by Maciej Kisielewski
Status: Merged
Approved by: Alberto Salvia Novella
Approved revision: 2559
Merged at revision: 2556
Proposed branch: lp:~kissiel/qa-regression-testing/kernel-sec-py3-friendly
Merge into: lp:qa-regression-testing
Diff against target: 270 lines (+42/-34)
5 files modified
scripts/kernel-security/errno-read.py (+8/-5)
scripts/kernel-security/proc-leaks/dac-bypass.py (+5/-5)
scripts/kernel-security/proc-maps/maps-protection.py (+1/-1)
scripts/test-kernel-security.py (+1/-1)
scripts/testlib.py (+27/-22)
To merge this branch: bzr merge lp:~kissiel/qa-regression-testing/kernel-sec-py3-friendly
Reviewer Review Type Date Requested Status
Alberto Salvia Novella (community) Approve
Review via email: mp+302017@code.launchpad.net

Description of the change

This MR makes all python code in kernel-security suite python3 friendly as well as testlib.py
print conversions were done using 2to3, other issues were done manually.

This helps significantly when porting the security suite to snappy.

It would be even better if I'd be allowed to make all those tests explicitly run python3 (by changing shebangs).

Comments welcome!

Changes made:
* print as a function
* explicitly decoding output from std{out,err}
* s/self.assertNotEquals/self.assertNotEqual/
* explicitly closing open files
* bytes literals instead of strings when used with conjuction with the raw output of std{out,err}
* 0o0000 notation for octal literals
* 'as' syntax for catching exceptions
* string.ascii_letters instead of locale-dependent string.letters
* /usr/bin/env python instead of absolute /usr/bin/python in shebangs

To post a comment you must log in.
Revision history for this message
Alberto Salvia Novella (es20490446e) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'scripts/kernel-security/errno-read.py'
2--- scripts/kernel-security/errno-read.py 2009-04-03 00:53:35 +0000
3+++ scripts/kernel-security/errno-read.py 2016-08-04 12:39:13 +0000
4@@ -1,9 +1,12 @@
5-#!/usr/bin/python
6+#!/usr/bin/env python
7+from __future__ import print_function
8 import sys
9 try:
10- file(sys.argv[1]).read(int(sys.argv[2]))
11-except IOError, e:
12- print >>sys.stderr, "%s: %s" % (sys.argv[1], e.strerror)
13+ f = open(sys.argv[1])
14+ f.read(int(sys.argv[2]))
15+ f.close()
16+except IOError as e:
17+ print("%s: %s" % (sys.argv[1], e.strerror), file=sys.stderr)
18 sys.exit(e.errno)
19-print "%s: Success" % (sys.argv[1])
20+print("%s: Success" % (sys.argv[1]))
21 sys.exit(0)
22
23=== modified file 'scripts/kernel-security/proc-leaks/dac-bypass.py'
24--- scripts/kernel-security/proc-leaks/dac-bypass.py 2012-03-21 14:49:14 +0000
25+++ scripts/kernel-security/proc-leaks/dac-bypass.py 2016-08-04 12:39:13 +0000
26@@ -1,4 +1,4 @@
27-#!/usr/bin/python
28+#!/usr/bin/env python
29 # Demonstrates DAC bypass on /proc/$pid file descriptors across setuid exec
30 # Author: Kees Cook <kees@ubuntu.com>
31 # License: GPLv2
32@@ -21,9 +21,9 @@
33 auxv = struct.unpack('@%dL' % (len(blob)/len(struct.pack('@L',0))), blob)
34 while auxv[0] != 0:
35 if auxv[0] == 7:
36- print "AT_BASE: 0x%x" % (auxv[1])
37+ print("AT_BASE: 0x%x" % (auxv[1]))
38 if auxv[0] == 25:
39- print "AT_RANDOM: 0x%x" % (auxv[1])
40+ print("AT_RANDOM: 0x%x" % (auxv[1]))
41 auxv = auxv[2:]
42
43 # Allow child/parent synchronization to avoid start-up race.
44@@ -55,9 +55,9 @@
45 if name == 'auxv':
46 dump_auxv(saw)
47 else:
48- print saw
49+ print(saw)
50 last[name] = saw
51- except Exception, o:
52+ except Exception as o:
53 if o.errno == errno.EEXIST or o.errno == errno.EPERM:
54 # Target quit or wasn't permitted to access the file to
55 # begin with, so okay.
56
57=== modified file 'scripts/kernel-security/proc-maps/maps-protection.py'
58--- scripts/kernel-security/proc-maps/maps-protection.py 2013-11-27 23:58:15 +0000
59+++ scripts/kernel-security/proc-maps/maps-protection.py 2016-08-04 12:39:13 +0000
60@@ -81,7 +81,7 @@
61
62 info = os.stat('maps-helper-setuid')
63 self.assertEqual(info.st_uid, 0, "maps-helper-setuid not owned by root")
64- self.assertEqual(info.st_mode & 04000, 04000, "maps-helper-setuid not setuid")
65+ self.assertEqual(info.st_mode & 0o4000, 0o4000, "maps-helper-setuid not setuid")
66
67 def test_30_setuid_before_dropping_privs(self):
68 '''Can not read setuid process before priv-dropping to our uid'''
69
70=== modified file 'scripts/test-kernel-security.py'
71--- scripts/test-kernel-security.py 2016-06-27 16:06:54 +0000
72+++ scripts/test-kernel-security.py 2016-08-04 12:39:13 +0000
73@@ -1,4 +1,4 @@
74-#!/usr/bin/python
75+#!/usr/bin/env python
76 #
77 # kernel-security.py regression testing script for kernel and
78 # security features
79
80=== modified file 'scripts/testlib.py'
81--- scripts/testlib.py 2016-06-26 15:39:53 +0000
82+++ scripts/testlib.py 2016-08-04 12:39:13 +0000
83@@ -19,6 +19,7 @@
84
85 '''Common classes and functions for package tests.'''
86
87+from __future__ import print_function
88 import string, random, crypt, subprocess, pwd, grp, time, unittest, tempfile, shutil, os, os.path, re, glob
89 import sys, socket, gzip
90
91@@ -179,20 +180,20 @@
92
93 def require_nonroot():
94 if os.geteuid() == 0:
95- print >>sys.stderr, "This series of tests should be run as a regular user with sudo access, not as root."
96+ print("This series of tests should be run as a regular user with sudo access, not as root.", file=sys.stderr)
97 sys.exit(1)
98
99 def require_root():
100 if os.geteuid() != 0:
101- print >>sys.stderr, "This series of tests should be run with root privileges (e.g. via sudo)."
102+ print("This series of tests should be run with root privileges (e.g. via sudo).", file=sys.stderr)
103 sys.exit(1)
104
105 def require_sudo():
106 if os.geteuid() != 0 or os.environ.get('SUDO_USER', None) is None:
107- print >>sys.stderr, "This series of tests must be run under sudo."
108+ print("This series of tests must be run under sudo.", file=sys.stderr)
109 sys.exit(1)
110 if os.environ['SUDO_USER'] == 'root':
111- print >>sys.stderr, 'Please run this test using sudo from a regular user. (You ran sudo from root.)'
112+ print('Please run this test using sudo from a regular user. (You ran sudo from root.)', file=sys.stderr)
113 sys.exit(1)
114
115 def random_string(length,lower=False):
116@@ -200,7 +201,7 @@
117 length.'''
118
119 s = ''
120- selection = string.letters
121+ selection = string.ascii_letters
122 if lower:
123 selection = string.lowercase
124 maxind = len(selection)-1
125@@ -402,11 +403,11 @@
126 out, outerr = sp.communicate(input)
127 # Handle redirection of stdout
128 if out is None:
129- out = ''
130+ out = b''
131 # Handle redirection of stderr
132 if outerr is None:
133- outerr = ''
134- return [sp.returncode, out + outerr]
135+ outerr = b''
136+ return [sp.returncode, out.decode(sys.stdout.encoding) + outerr.decode(sys.stderr.encoding)]
137
138 def cmd_pipe(command1, command2, input = None, stderr = subprocess.STDOUT, stdin = None):
139 '''Try to pipe command1 into command2.'''
140@@ -594,7 +595,7 @@
141 rc, report = cmd(['apt-get','source',source])
142 assert (rc == 0)
143 shutil.copytree(build_src, cached_src)
144- print "(unpacked %s)" % os.path.basename(glob.glob('%s_*.dsc' % source)[0]),
145+ print("(unpacked %s)" % os.path.basename(glob.glob('%s_*.dsc' % source)[0]), end=' ')
146
147
148 unpacked_dir = os.path.join(build_src, glob.glob('%s-*' % source)[0])
149@@ -720,7 +721,7 @@
150 # check for it.
151 rc, report = cmd(['ps', 'x'])
152 if 'kdeinit4 Running' not in report:
153- print >>sys.stderr, ("kdeinit not running (you may start/stop any KDE application then run this script again)")
154+ print(("kdeinit not running (you may start/stop any KDE application then run this script again)"), file=sys.stderr)
155 return False
156 return True
157
158@@ -730,7 +731,7 @@
159 rc, pkg_config = cmd(['pkg-config', '--cflags', '--libs'] + libs)
160 expected = 0
161 if rc != expected:
162- print >>sys.stderr, 'Got exit code %d, expected %d\n' % (rc, expected)
163+ print('Got exit code %d, expected %d\n' % (rc, expected), file=sys.stderr)
164 assert(rc == expected)
165 return pkg_config.split()
166
167@@ -739,7 +740,7 @@
168 rc, output = cmd(['capsh', '--decode=%x' % cap_num])
169 expected = 0
170 if rc != expected:
171- print >>sys.stderr, 'capsh: got exit code %d, expected %d\n' % (rc, expected)
172+ print('capsh: got exit code %d, expected %d\n' % (rc, expected), file=sys.stderr)
173 cap_name = output.strip().split('=')[1]
174 return cap_name
175
176@@ -856,7 +857,7 @@
177 if not os.path.exists('/usr/bin/lsb_release') and not os.path.exists('/bin/lsb_release'):
178 raise OSError("Please install 'lsb-release'")
179 for line in subprocess.Popen(['lsb_release','-a'],stdout=subprocess.PIPE,stderr=subprocess.PIPE).communicate()[0].splitlines():
180- field, value = line.split(':',1)
181+ field, value = line.decode(sys.stdout.encoding).split(':',1)
182 value=value.strip()
183 field=field.strip()
184 # Convert numerics
185@@ -933,14 +934,14 @@
186 kernel = self.kernel_version_ubuntu
187 if kernel != self.kernel_version_signature:
188 kernel += " (%s)" % (self.kernel_version_signature)
189- print >>sys.stdout, "Running test: '%s' distro: '%s %.2f' kernel: '%s' arch: '%s' uid: %d/%d SUDO_USER: '%s')" % ( \
190+ print("Running test: '%s' distro: '%s %.2f' kernel: '%s' arch: '%s' uid: %d/%d SUDO_USER: '%s')" % ( \
191 sys.argv[0],
192 self.lsb_release['Distributor ID'],
193 self.lsb_release['Release'],
194 kernel,
195 self.dpkg_arch,
196 os.geteuid(), os.getuid(),
197- os.environ.get('SUDO_USER', ''))
198+ os.environ.get('SUDO_USER', '')), file=sys.stdout)
199 sys.stdout.flush()
200
201 # Additional heuristics
202@@ -952,7 +953,7 @@
203 # time.sleep(0.5)
204
205 def hello(self, msg):
206- print >>sys.stderr, "Hello from %s" % (msg)
207+ print("Hello from %s" % (msg), file=sys.stderr)
208 # The central instance
209 manager = TestlibManager()
210
211@@ -1000,7 +1001,7 @@
212 # accept if the beginning of the line matches
213 filetype = '^%s' % (filetype)
214 result = 'File type reported by file: [%s], expected regex: [%s]\n' % (out, filetype)
215- self.assertNotEquals(None, re.search(filetype, out), result)
216+ self.assertNotEqual(None, re.search(filetype, out), result)
217
218 def yank_commonname_from_cert(self, certfile):
219 '''Extract the commonName from a given PEM'''
220@@ -1016,7 +1017,7 @@
221
222 def announce(self, text):
223 if self.my_verbosity:
224- print >>sys.stdout, "(%s) " % (text),
225+ print("(%s) " % (text), end=' ', file=sys.stdout)
226 sys.stdout.flush()
227
228 def make_clean(self):
229@@ -1078,7 +1079,7 @@
230 '''Test a shell command doesn't match a specific exit code'''
231 rc, report, out = self._testlib_shell_cmd(args, stdin=stdin, stdout=stdout, stderr=stderr)
232 result = 'Got (unwanted) exit code %d\n' % rc
233- self.assertNotEquals(unwanted, rc, msg + result + report)
234+ self.assertNotEqual(unwanted, rc, msg + result + report)
235
236 def assertShellOutputContains(self, text, args, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, msg="", invert=False, expected=None):
237 '''Test a shell command contains a specific output'''
238@@ -1099,7 +1100,7 @@
239 if not invert:
240 self.assertEqual(text, out, msg + result + report)
241 else:
242- self.assertNotEquals(text, out, msg + result + report)
243+ self.assertNotEqual(text, out, msg + result + report)
244 if expected is not None:
245 result = 'Got exit code %d. Expected %d (%s)\n' % (rc, expected, " ".join(args))
246 self.assertEqual(rc, expected, msg + result + report)
247@@ -1118,17 +1119,21 @@
248 self.assertEqual(exists, os.path.exists(sysctl), sysctl)
249 value = None
250 if exists:
251- value = int(open(sysctl).read())
252+ f = open(sysctl)
253+ value = int(f.read())
254 report = "%s is not %d: %d" % (sysctl, expected, value)
255 if msg:
256 report += " (%s)" % (msg)
257 self.assertEqual(value, expected, report)
258+ f.close()
259 return value
260
261 def set_sysctl_value(self, path, desired):
262 sysctl = '/proc/sys/%s' % (path)
263 self.assertTrue(os.path.exists(sysctl),"%s does not exist" % (sysctl))
264- open(sysctl, 'w').write(str(desired))
265+ f = open(sysctl, 'w')
266+ f.write(str(desired))
267+ f.close()
268 self._test_sysctl_value(path, desired)
269
270 def kernel_at_least(self, introduced):