Candidate revision checkbox_0.9
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Checkbox |
Fix Released
|
High
|
Marc Tardif | ||
checkbox (Ubuntu) |
Fix Released
|
Wishlist
|
Mathias Gug |
Bug Description
* Introduced job_prompt plugin to treat all jobs (suites, tests, etc.) as composites.
* Replaced the registry and resource scripts and centralized job iteration.
* Replaced dependency on dbus by using sudo/gksu/kdesudo instead.
* Replaced mktemp with mkdtemp for security purposes.
* Fixed strings in fingerprint and modem tests (LP: #457759)
* Fixed client side validation of Launchpad form (LP: #438671)
* Added device information to tags when reporting bugs with apport.
* Added shorthands for blacklist-file and whitelist-file.
* Added support for apport default configuration (LP: #465447)
* Added support for scrolled options list (LP: #411526)
* Added support for tests generated by suites to run as root.
* Added support for requirements in attachments.
* Added support for armv7l processor
* Added Autotest integration
* Added LTP integration
* Added Phoronix integration
* Added qa-regression-
Related branches
Changed in checkbox (Ubuntu): | |
milestone: | none → ubuntu-10.04-beta-1 |
Changed in checkbox (Ubuntu): | |
status: | Confirmed → In Progress |
assignee: | Marc Tardif (cr3) → Mathias Gug (mathiaz) |
importance: | Undecided → Wishlist |
Changed in checkbox: | |
assignee: | nobody → Marc Tardif (cr3) |
status: | New → Fix Released |
This candidate revision is also a feature freeze exception because of the lateness in submitting these changes. The changes are essentially an implentation of the features detailed in the Checkbox Enhancements blueprint:
https:/ /blueprints. launchpad. net/ubuntu/ +spec/lucid- qa-checkbox- enhancements
The first reason for the lateness is that the above blueprint was originally scheduled for beta-1, which happens to be way after the feature freeze limit.
This revision also includes fixes to important security vulnerabilities which were uncovered during the Ubuntu sprint. The proposed changes were initially proposed as:
- Remove /usr/share/ dbus-1/ system- services/ com.ubuntu. checkbox. service
so that dbus no longer spawns the backend on demand.
- Daemonize the backend directly from the frontend by calling sudo in
order to run commands as root, instead of calling upon dbus to spawn
the process.
- Use the session bus instead of the system bus, passing the token from
the environment.
- Remove the NOPASSWD hack from the qa_regression_suite script and then
remove the tests requiring the sudo command from the whitelist of
tests until they are modified to run directly as root.
- In all scripts running as root, make sure to replace using /tmp by
/var/cache and also make sure that the target files are only writable
by root.
The second reason for the lateness is that it took a while to implement each of these changes since they were uncovered in early February. However, these security vulnerabilities were sufficiently significant that a new revision of Checkbox could not make it into the release unless these changes were implemented.