blob: 5ac5dea15efaadd7b4072785832fa89d079179ab (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
#!/usr/bin/env bash
set -eu
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cd "$SCRIPT_DIR"
RUNNER_DIR="$1"
APP_PACKAGE="$2"
PREVIOUS_APP="$3"
UI_RUNNER="$4"
UNPRIVILEGED_USER="$5"
# Copy over test runner to correct place
echo "Copying test-runner to $RUNNER_DIR"
mkdir -p "$RUNNER_DIR"
for file in test-runner connection-checker $APP_PACKAGE $PREVIOUS_APP $UI_RUNNER; do
echo "Moving $SCRIPT_DIR/$file to $RUNNER_DIR"
cp -f "$SCRIPT_DIR/$file" "$RUNNER_DIR"
done
# Unprivileged users need execute rights for connection checker
chmod 551 "${RUNNER_DIR}/connection-checker"
chown -R root "$RUNNER_DIR/"
# Create service
function setup_macos {
RUNNER_PLIST_PATH="/Library/LaunchDaemons/net.mullvad.testunner.plist"
echo "Creating test runner service as $RUNNER_PLIST_PATH"
cat > $RUNNER_PLIST_PATH << EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>net.mullvad.testrunner</string>
<key>ProgramArguments</key>
<array>
<string>$RUNNER_DIR/test-runner</string>
<string>/dev/tty.virtio</string>
<string>serve</string>
</array>
<key>UserName</key>
<string>root</string>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>StandardOutPath</key>
<string>/tmp/runner.out</string>
<key>StandardErrorPath</key>
<string>/tmp/runner.err</string>
<key>EnvironmentVariables</key>
<dict>
<key>PATH</key>
<string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin</string>
</dict>
</dict>
</plist>
EOF
create_test_user_macos
echo "Starting test runner service"
launchctl load -w $RUNNER_PLIST_PATH
}
function create_test_user_macos {
echo "Adding test user account"
sysadminctl -addUser "$UNPRIVILEGED_USER" -fullName "$UNPRIVILEGED_USER" -password "$UNPRIVILEGED_USER"
}
function setup_systemd {
RUNNER_SERVICE_PATH="/etc/systemd/system/testrunner.service"
echo "Creating test runner service as $RUNNER_SERVICE_PATH"
cat > $RUNNER_SERVICE_PATH << EOF
[Unit]
Description=Mullvad Test Runner
[Service]
ExecStart=$RUNNER_DIR/test-runner /dev/ttyS0 serve
[Install]
WantedBy=multi-user.target
EOF
echo "Starting test runner service"
semanage fcontext -a -t bin_t "$RUNNER_DIR/.*" &> /dev/null || true
create_test_user_linux
systemctl enable testrunner.service
systemctl start testrunner.service
}
function create_test_user_linux {
echo "Adding test user account"
useradd -m "$UNPRIVILEGED_USER"
echo "$UNPRIVILEGED_USER:$UNPRIVILEGED_USER" | chpasswd
}
if [[ "$(uname -s)" == "Darwin" ]]; then
setup_macos
exit 0
fi
setup_systemd
function install_packages_apt {
echo "Installing required apt packages"
apt update
apt install -yf xvfb wireguard-tools curl
curl -fsSL https://get.docker.com | sh
}
# Install required packages
if which apt &>/dev/null; then
install_packages_apt
elif which dnf &>/dev/null; then
dnf install -y xorg-x11-server-Xvfb wireguard-tools podman
fi
|
