Merge branch 'master' into polkit-support

canonical · Aug 16, 2017 · 7ec7ce0 · 7ec7ce0
2 parents 38f92d7 + eac3d5d
commit 7ec7ce0
Show file tree

Hide file tree

Showing 398 changed files with 13,429 additions and 4,191 deletions.
diff --git a/.gitignore b/.gitignore
@@ -19,6 +19,7 @@ po/snappy.pot
 cmd/decode-mount-opts/decode-mount-opts
 cmd/libsnap-confine-private/unit-tests
 cmd/snap-confine/snap-confine
+cmd/snap-confine/snap-confine-debug
 cmd/snap-confine/snap-confine.apparmor
 cmd/snap-confine/unit-tests
 cmd/snap-discard-ns/snap-discard-ns
@@ -32,6 +33,7 @@ cmd/*/*.[1-9]
 
 # auto-generated systemd units
 data/systemd/*.service
+data/info
 
 # test-driver
 *.log

diff --git a/README.md b/README.md
@@ -24,8 +24,10 @@ If you have found an issue with the application, please [file a bug](https://bug
 
 ## Get in touch
 
-We're friendly! Talk to us on [IRC](https://webchat.freenode.net/?channels=snappy)
-or on [our mailing list](https://lists.snapcraft.io/mailman/listinfo/snapcraft).
+We're friendly! Talk to us on 
+[IRC](https://webchat.freenode.net/?channels=snappy),
+[Rocket Chat](https://rocket.ubuntu.com/channel/snappy),
+or on [our forums](https://forum.snapcraft.io/).
 
 Get news and stay up to date on [Twitter](https://twitter.com/snapcraftio),
 [Google+](https://plus.google.com/+SnapcraftIo) or
@@ -43,4 +45,4 @@ Get news and stay up to date on [Twitter](https://twitter.com/snapcraftio),
 [coveralls-url]: https://coveralls.io/github/snapcore/snapd?branch=master
 
 [codecov-url]: https://codecov.io/gh/snapcore/snapd
-[codecov-image]: https://codecov.io/gh/snapcore/snapd/branch/master/graph/badge.svg
+[codecov-image]: https://codecov.io/gh/snapcore/snapd/branch/master/graph/badge.svg
diff --git a/arch/arch.go b/arch/arch.go
@@ -23,6 +23,8 @@ import (
 	"log"
 	"runtime"
 	"syscall"
+
+	"github.com/snapcore/snapd/release"
 )
 
 // ArchitectureType is the type for a supported snappy architecture
@@ -70,6 +72,18 @@ func ubuntuArchFromGoArch(goarch string) string {
 		"ppc64": "ppc64",
 	}
 
+	// If we are running on an ARM platform we need to have a
+	// closer look if we are on armhf or armel. If we're not
+	// on a armv6 platform we can continue to use the Go
+	// arch mapping. The Go arch sadly doesn't map this out
+	// for us so we have to fallback to uname here.
+	if goarch == "arm" {
+		machineName := release.Machine()
+		if machineName == "armv6l" {
+			return "armel"
+		}
+	}
+
 	ubuntuArch := goArchMapping[goarch]
 	if ubuntuArch == "" {
 		log.Panicf("unknown goarch %q", goarch)

diff --git a/asserts/account_test.go b/asserts/account_test.go
@@ -158,6 +158,8 @@ func (s *accountSuite) TestCheckUntrustedAuthority(c *C) {
 	otherDB := setup3rdPartySigning(c, "other", storeDB, db)
 
 	headers := ex.Headers()
+	// default to signing db's authority
+	delete(headers, "authority-id")
 	headers["timestamp"] = time.Now().Format(time.RFC3339)
 	account, err := otherDB.Sign(asserts.AccountType, headers, nil, "")
 	c.Assert(err, IsNil)

diff --git a/asserts/asserts.go b/asserts/asserts.go
@@ -103,6 +103,18 @@ func Type(name string) *AssertionType {
 	return typeRegistry[name]
 }
 
+// TypeNames returns a sorted list of known assertion type names.
+func TypeNames() []string {
+	names := make([]string, 0, len(typeRegistry))
+	for k := range typeRegistry {
+		names = append(names, k)
+	}
+
+	sort.Strings(names)
+
+	return names
+}
+
 var maxSupportedFormat = map[string]int{}
 
 func init() {

diff --git a/asserts/asserts_test.go b/asserts/asserts_test.go
@@ -46,6 +46,30 @@ func (as *assertsSuite) TestTypeMaxSupportedFormat(c *C) {
 	c.Check(asserts.Type("test-only").MaxSupportedFormat(), Equals, 1)
 }
 
+func (as *assertsSuite) TestTypeNames(c *C) {
+	c.Check(asserts.TypeNames(), DeepEquals, []string{
+		"account",
+		"account-key",
+		"account-key-request",
+		"base-declaration",
+		"device-session-request",
+		"model",
+		"repair",
+		"serial",
+		"serial-request",
+		"snap-build",
+		"snap-declaration",
+		"snap-developer",
+		"snap-revision",
+		"system-user",
+		"test-only",
+		"test-only-2",
+		"test-only-no-authority",
+		"test-only-no-authority-pk",
+		"validation",
+	})
+}
+
 func (as *assertsSuite) TestSuggestFormat(c *C) {
 	fmtnum, err := asserts.SuggestFormat(asserts.Type("test-only-2"), nil, nil)
 	c.Assert(err, IsNil)

diff --git a/asserts/assertstest/assertstest.go b/asserts/assertstest/assertstest.go
@@ -237,7 +237,9 @@ func NewSigningDB(authorityID string, privKey asserts.PrivateKey) *SigningDB {
 }
 
 func (db *SigningDB) Sign(assertType *asserts.AssertionType, headers map[string]interface{}, body []byte, keyID string) (asserts.Assertion, error) {
-	headers["authority-id"] = db.AuthorityID
+	if _, ok := headers["authority-id"]; !ok {
+		headers["authority-id"] = db.AuthorityID
+	}
 	if keyID == "" {
 		keyID = db.KeyID
 	}
@@ -258,6 +260,11 @@ type StoreStack struct {
 	TrustedKey     *asserts.AccountKey
 	Trusted        []asserts.Assertion
 
+	// Generic authority assertions.
+	GenericAccount *asserts.Account
+	GenericKey     *asserts.AccountKey
+	Generic        []asserts.Assertion
+
 	// Signing assertion db that signs with the root private key.
 	RootSigning *SigningDB
 
@@ -266,7 +273,19 @@ type StoreStack struct {
 }
 
 // NewStoreStack creates a new store assertion stack. It panics on error.
-func NewStoreStack(authorityID string, rootPrivKey, storePrivKey asserts.PrivateKey) *StoreStack {
+// optional privKeys can be in order: root, store, generic
+func NewStoreStack(authorityID string, privKeys ...asserts.PrivateKey) *StoreStack {
+	if len(privKeys) > 3 {
+		panic("too many private keys specified, expected at most: root, store, generic")
+	}
+	for len(privKeys) < 3 {
+		privKey, _ := GenerateKey(752)
+		privKeys = append(privKeys, privKey)
+	}
+	rootPrivKey := privKeys[0]
+	storePrivKey := privKeys[1]
+	genericPrivKey := privKeys[2]
+
 	rootSigning := NewSigningDB(authorityID, rootPrivKey)
 	ts := time.Now().Format(time.RFC3339)
 	trustedAcct := NewAccount(rootSigning, authorityID, map[string]interface{}{
@@ -280,9 +299,17 @@ func NewStoreStack(authorityID string, rootPrivKey, storePrivKey asserts.Private
 	}, rootPrivKey.PublicKey(), "")
 	trusted := []asserts.Assertion{trustedAcct, trustedKey}
 
+	genericAcct := NewAccount(rootSigning, "generic", map[string]interface{}{
+		"account-id": "generic",
+		"validation": "certified",
+		"timestamp":  ts,
+	}, "")
+	generic := []asserts.Assertion{genericAcct}
+
 	db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
-		Backstore: asserts.NewMemoryBackstore(),
-		Trusted:   trusted,
+		Backstore:       asserts.NewMemoryBackstore(),
+		Trusted:         trusted,
+		OtherPredefined: generic,
 	})
 	if err != nil {
 		panic(err)
@@ -299,11 +326,28 @@ func NewStoreStack(authorityID string, rootPrivKey, storePrivKey asserts.Private
 		panic(err)
 	}
 
+	err = db.ImportKey(genericPrivKey)
+	if err != nil {
+		panic(err)
+	}
+	genericKey := NewAccountKey(rootSigning, genericAcct, map[string]interface{}{
+		"name":  "serials",
+		"since": ts,
+	}, genericPrivKey.PublicKey(), "")
+	err = db.Add(genericKey)
+	if err != nil {
+		panic(err)
+	}
+
 	return &StoreStack{
 		TrustedAccount: trustedAcct,
 		TrustedKey:     trustedKey,
 		Trusted:        trusted,
 
+		GenericAccount: genericAcct,
+		GenericKey:     genericKey,
+		Generic:        generic,
+
 		RootSigning: rootSigning,
 
 		SigningDB: &SigningDB{

diff --git a/asserts/assertstest/assertstest_test.go b/asserts/assertstest/assertstest_test.go
@@ -86,9 +86,13 @@ func (s *helperSuite) TestStoreStack(c *C) {
 	c.Check(store.TrustedKey.AccountID(), Equals, "super")
 	c.Check(store.TrustedKey.Name(), Equals, "root")
 
+	c.Check(store.GenericAccount.AccountID(), Equals, "generic")
+	c.Check(store.GenericAccount.IsCertified(), Equals, true)
+
 	db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
-		Backstore: asserts.NewMemoryBackstore(),
-		Trusted:   store.Trusted,
+		Backstore:       asserts.NewMemoryBackstore(),
+		Trusted:         store.Trusted,
+		OtherPredefined: store.Generic,
 	})
 	c.Assert(err, IsNil)
 
@@ -100,6 +104,21 @@ func (s *helperSuite) TestStoreStack(c *C) {
 	c.Check(storeAccKey.PublicKeyID(), Equals, store.KeyID)
 	c.Check(storeAccKey.Name(), Equals, "store")
 
+	c.Check(store.GenericKey.AccountID(), Equals, "generic")
+	c.Check(store.GenericKey.Name(), Equals, "serials")
+
+	g, err := store.Find(asserts.AccountType, map[string]string{
+		"account-id": "generic",
+	})
+	c.Assert(err, IsNil)
+	c.Assert(g.Headers(), DeepEquals, store.GenericAccount.Headers())
+
+	g, err = store.Find(asserts.AccountKeyType, map[string]string{
+		"public-key-sha3-384": store.GenericKey.PublicKeyID(),
+	})
+	c.Assert(err, IsNil)
+	c.Assert(g.Headers(), DeepEquals, store.GenericKey.Headers())
+
 	acct := assertstest.NewAccount(store, "devel1", nil, "")
 	c.Check(acct.Username(), Equals, "devel1")
 	c.Check(acct.AccountID(), HasLen, 32)
@@ -119,4 +138,13 @@ func (s *helperSuite) TestStoreStack(c *C) {
 	c.Assert(err, IsNil)
 
 	c.Check(acctKey.Name(), Equals, "default")
+
+	a, err := db.Find(asserts.AccountType, map[string]string{
+		"account-id": "generic",
+	})
+	c.Assert(err, IsNil)
+	c.Assert(a.Headers(), DeepEquals, store.GenericAccount.Headers())
+
+	err = db.Add(store.GenericKey)
+	c.Assert(err, IsNil)
 }