@@ -426,6 +426,7 @@ tests.package.test_perl_mail_dkim.TestPerlMailDKIM: { extends: .runtime_test }
tests.package.test_perl_x10.TestPerlX10: { extends: .runtime_test }
tests.package.test_perl_xml_libxml.TestPerlXMLLibXML: { extends: .runtime_test }
tests.package.test_polkit.TestPolkitSystemd: { extends: .runtime_test }
+tests.package.test_polkit.TestPolkitInitd: { extends: .runtime_test }
tests.package.test_prosody.TestProsodyLua51: { extends: .runtime_test }
tests.package.test_prosody.TestProsodyLuajit: { extends: .runtime_test }
tests.package.test_python.TestPython2: { extends: .runtime_test }
@@ -1 +1,2 @@
+source "$BR2_EXTERNAL_POLKIT_PATH/package/polkit-rules-test-initd/Config.in"
source "$BR2_EXTERNAL_POLKIT_PATH/package/polkit-rules-test-systemd/Config.in"
new file mode 100644
@@ -0,0 +1,6 @@
+config BR2_PACKAGE_POLKIT_RULES_TEST_INITD
+ bool "polkit rules test for initd"
+ depends on BR2_PACKAGE_POLKIT
+ help
+ Simple test to ensure polkit is loading and enforcing rules
+ correctly using initd.
new file mode 100644
@@ -0,0 +1,6 @@
+#include <stdio.h>
+
+int main(void){
+ printf("Hello polkit!\n");
+ return 0;
+}
new file mode 100644
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/software/polkit/policyconfig-1.dtd">
+<policyconfig>
+ <action id="org.freedesktop.policykit.pkexec.hello-polkit">
+ <message>Authentication is required to run the hello world test program</message>
+ <defaults>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>no</allow_active>
+ </defaults>
+ <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/hello-polkit</annotate>
+ </action>
+</policyconfig>
new file mode 100644
@@ -0,0 +1,6 @@
+polkit.addRule(function(action, subject) {
+ if (action.id == "org.freedesktop.policykit.pkexec.hello-polkit" &&
+ subject.user == "brtest") {
+ return polkit.Result.YES;
+ }
+});
new file mode 100644
@@ -0,0 +1,31 @@
+################################################################################
+#
+# polkit-rules-test-initd
+#
+################################################################################
+
+POLKIT_RULES_TEST_INITD_DEPENDENCIES = polkit
+
+define POLKIT_RULES_TEST_INITD_USERS
+ brtest -1 brtest -1 =password /home/brtest /bin/sh brtest
+endef
+
+define POLKIT_RULES_TEST_INITD_BUILD_CMDS
+ $(INSTALL) -D $(POLKIT_RULES_TEST_INITD_PKGDIR)/hello-polkit.c $(@D)/hello-polkit.c
+ $(TARGET_CC) $(@D)/hello-polkit.c -o $(@D)/hello-polkit
+endef
+
+
+define POLKIT_RULES_TEST_INITD_INSTALL_TARGET_CMDS
+ mkdir -p $(TARGET_DIR)/usr/share/polkit-1/actions/
+ $(INSTALL) -D $(@D)/hello-polkit $(TARGET_DIR)/usr/bin/hello-polkit
+
+ $(INSTALL) -D $(POLKIT_RULES_TEST_INITD_PKGDIR)/hello-polkit.policy \
+ $(TARGET_DIR)/usr/share/polkit-1/actions/hello-polkit.policy
+
+ $(INSTALL) -D $(POLKIT_RULES_TEST_INITD_PKGDIR)/hello-polkit.rules \
+ $(TARGET_DIR)/root/hello-polkit.rules
+
+endef
+
+$(eval $(generic-package))
@@ -49,3 +49,52 @@ class TestPolkitSystemd(infra.basetest.BRTest):
cmd = "su brtest -c '/bin/systemctl restart systemd-timesyncd.service'"
_, exit_code = self.emulator.run(cmd, 10)
self.assertEqual(exit_code, 0)
+
+class TestPolkitInitd(infra.basetest.BRTest):
+ br2_external = [infra.filepath("tests/package/br2-external/polkit")]
+ config = \
+ """
+ BR2_aarch64=y
+ BR2_TOOLCHAIN_EXTERNAL=y
+ BR2_JLEVEL=10
+ BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
+ BR2_LINUX_KERNEL=y
+ BR2_LINUX_KERNEL_CUSTOM_VERSION=y
+ BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.19.86"
+ BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
+ BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="board/qemu/aarch64-virt/linux.config"
+ BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
+ BR2_PACKAGE_DBUS=y
+ BR2_PACKAGE_POLKIT=y
+ BR2_TARGET_ROOTFS_CPIO=y
+ BR2_TARGET_ROOTFS_CPIO_GZIP=y
+ BR2_PACKAGE_POLKIT_RULES_TEST_INITD=y
+ """
+
+ def login(self):
+ img = os.path.join(self.builddir, "images", "rootfs.cpio.gz")
+ kern = os.path.join(self.builddir, "images", "Image")
+ self.emulator.boot(arch="aarch64",
+ kernel=kern,
+ kernel_cmdline=["console=ttyAMA0"],
+ options=["-M", "virt", "-cpu", "cortex-a57", "-m", "512M", "-initrd", img])
+ self.emulator.login()
+
+ def test_run(self):
+ self.login()
+
+ cmd = "su brtest -c 'pkexec hello-polkit'"
+ output, exit_code = self.emulator.run(cmd, 10)
+ print(output)
+ self.assertEqual(exit_code, 127)
+ self.assertEqual(output[0], "Error executing command as another user: Not authorized")
+
+ cmd = "mv /root/hello-polkit.rules /etc/polkit-1/rules.d/hello-polkit.rules"
+ _, exit_code = self.emulator.run(cmd, 10)
+ self.assertEqual(exit_code, 0)
+
+ cmd = "su brtest -c 'pkexec hello-polkit'"
+ output, exit_code = self.emulator.run(cmd, 10)
+ print(output)
+ self.assertEqual(exit_code, 0)
+ self.assertEqual(output[0], "Hello polkit!")