GLOB sdist-make: /home/lucasmoura/projects/ubuntu-advantage-client/setup.py behave-vm-18.04 inst-nodeps: /home/lucasmoura/projects/ubuntu-advantage-client/.tox/.tmp/package/3/ubuntu-advantage-tools-20.3.zip behave-vm-18.04 installed: adal==1.2.6,applicationinsights==0.11.9,argcomplete==1.12.2,attrs==20.3.0,azure-cli-core==2.20.0,azure-cli-telemetry==1.0.6,azure-common==1.1.26,azure-core==1.11.0,azure-mgmt-compute==14.0.0,azure-mgmt-core==1.2.2,azure-mgmt-network==13.0.0,azure-mgmt-resource==12.0.0,backcall==0.2.0,bcrypt==3.2.0,behave==1.2.6,boto3==1.17.19,botocore==1.20.19,cachetools==4.2.1,certifi==2020.12.5,cffi==1.14.5,chardet==4.0.0,colorama==0.4.4,configparser==4.0.2,coverage==5.5,cryptography==3.2.1,decorator==4.4.2,flake8==3.8.4,google-api-core==1.26.0,google-api-python-client==1.12.8,google-auth==1.27.0,google-auth-httplib2==0.0.4,googleapis-common-protos==1.53.0,httplib2==0.19.0,humanfriendly==9.1,idna==2.10,iniconfig==1.1.1,ipdb==0.13.5,ipython==7.21.0,ipython-genutils==0.2.0,isodate==0.6.0,jedi==0.18.0,jmespath==0.10.0,knack==0.8.0rc2,mccabe==0.6.1,mock==4.0.3,msal==1.9.0,msrest==0.6.21,msrestazure==0.6.4,oauthlib==3.1.0,oci==2.32.0,packaging==20.9,paramiko==2.7.2,parse==1.19.0,parse-type==0.5.2,parso==0.8.1,pexpect==4.8.0,pickleshare==0.7.5,pkginfo==1.7.0,pluggy==0.13.1,portalocker==1.7.1,prompt-toolkit==3.0.16,protobuf==3.15.3,psutil==5.8.0,ptyprocess==0.7.0,py==1.10.0,pyasn1==0.4.8,pyasn1-modules==0.2.8,pycloudlib @ git+https://github.com/canonical/pycloudlib.git@da9b7c6b0d6e9c07f2a11a2c0b6a02f717723904,pycodestyle==2.6.0,pycparser==2.20,pyflakes==2.2.0,Pygments==2.8.0,PyHamcrest==2.0.2,PyJWT==1.7.1,PyNaCl==1.4.0,pyOpenSSL==19.1.0,pyparsing==2.4.7,pytest==6.2.2,pytest-cov==2.11.1,python-dateutil==2.8.1,python-simplestreams @ git+https://git.launchpad.net/simplestreams@21c5bba2a5413c51e6b9131fc450e96f6b46090d,pytz==2021.1,PyYAML==5.4.1,requests==2.25.1,requests-oauthlib==1.3.0,rsa==4.7.2,s3transfer==0.3.4,six==1.15.0,tabulate==0.8.9,toml==0.10.2,traitlets==5.0.5,ubuntu-advantage-tools @ file:///home/lucasmoura/projects/ubuntu-advantage-client/.tox/.tmp/package/3/ubuntu-advantage-tools-20.3.zip,uritemplate==3.0.1,urllib3==1.26.3,wcwidth==0.2.5 behave-vm-18.04 run-test-pre: PYTHONHASHSEED='1824175286' behave-vm-18.04 run-test: commands[0] | behave -v --tags=uses.config.machine_type.lxd.vm --tags=series.bionic,series.all Loading config defaults from "./tox.ini" Using defaults: color True show_snippets True show_skipped False dry_run False show_source True show_timings True stdout_capture False stderr_capture False log_capture False logging_format %(levelname)s:%(name)s:%(message)s logging_level info steps_catalog False summary True junit True stage None userdata {} default_format pretty default_tags scenario_outline_annotation_schema {name} -- @{row.id} {examples.name} more_formatters {} Using default path "./features" Trying base directory: /home/lucasmoura/projects/ubuntu-advantage-client/features --- Ignoring aws_access_key_id because machine_type is lxd.vm --- Ignoring aws_secret_access_key because machine_type is lxd.vm --- Ignoring az_client_id because machine_type is lxd.vm --- Ignoring az_client_secret because machine_type is lxd.vm --- Ignoring az_tenant_id because machine_type is lxd.vm --- Ignoring az_subscription_id because machine_type is lxd.vm --- Ignoring gcp_credentials_path because machine_type is lxd.vm --- Ignoring gcp_project because machine_type is lxd.vm --- job suffix: None Config options: build_pr = False image_clean = True destroy_instances = True aws_access_key_id = None aws_secret_access_key = None az_client_id = None az_client_secret = None az_tenant_id = None az_subscription_id = None gcp_credentials_path = None gcp_project = None contract_token = contract_token_staging = machine_type = lxd.vm private_key_file = None private_key_name = uaclient-integration reuse_image = None debs_path = None artifact_dir = None ppa = ppa:ua-client/staging ppa_keyid = 6C0BC933 @uses.config.contract_token Feature: Enable command behaviour when attached to an UA subscription # features/attached_enable.feature:2 @series.bionic @series.xenial @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable of vm-based services in a bionic lxd vm -- @1.1 ubuntu release # features/attached_enable.feature:211 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # None And I run `ua status` with sudo # None Then stdout matches regexp # None """ esm-infra +yes +enabled +UA Infra: Extended Security Maintenance \(ESM\) fips +yes +disabled +NIST-certified FIPS modules fips-updates +yes +disabled +Uncertified security updates to FIPS modules livepatch +yes +enabled +Canonical Livepatch service """ When I run `ua disable livepatch` with sudo # None Then I verify that running `canonical-livepatch status` `with sudo` exits `1` # None And stdout matches regexp # None """ Machine is not enabled. Please run 'sudo canonical-livepatch enable' with the token obtained from https://ubuntu.com/livepatch. """ When I run `ua status` with sudo # None Then stdout matches regexp # None """ esm-infra +yes +enabled +UA Infra: Extended Security Maintenance \(ESM\) fips +yes +disabled +NIST-certified FIPS modules fips-updates +yes +disabled +Uncertified security updates to FIPS modules livepatch +yes +disabled +Canonical Livepatch service """ @series.bionic @series.xenial @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable of vm-based services in a bionic lxd vm -- @1.2 ubuntu release # features/attached_enable.feature:212 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # features/steps/steps.py:216 And I run `ua status` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ esm-infra +yes +enabled +UA Infra: Extended Security Maintenance \(ESM\) fips +yes +disabled +NIST-certified FIPS modules fips-updates +yes +disabled +Uncertified security updates to FIPS modules livepatch +yes +enabled +Canonical Livepatch service """ When I run `ua disable livepatch` with sudo # features/steps/steps.py:130 Then I verify that running `canonical-livepatch status` `with sudo` exits `1` # features/steps/steps.py:355 And stdout matches regexp # features/steps/steps.py:300 """ Machine is not enabled. Please run 'sudo canonical-livepatch enable' with the token obtained from https://ubuntu.com/livepatch. """ When I run `ua status` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ esm-infra +yes +enabled +UA Infra: Extended Security Maintenance \(ESM\) fips +yes +disabled +NIST-certified FIPS modules fips-updates +yes +disabled +Uncertified security updates to FIPS modules livepatch +yes +disabled +Canonical Livepatch service """ @series.bionic @series.xenial @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable livepatch on a machine with fips active -- @1.1 ubuntu release # features/attached_enable.feature:243 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I verify that running `canonical-livepatch status` `with sudo` exits `1` # None Then I will see the following on stderr # None """ sudo: canonical-livepatch: command not found """ When I attach `contract_token` with sudo # None Then stdout matches regexp # None """ Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua status` with sudo # None Then stdout matches regexp # None """ livepatch yes enabled """ When I run `canonical-livepatch status` with sudo # None Then stdout matches regexp # None """ running: true """ @series.bionic @series.xenial @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable livepatch on a machine with fips active -- @1.2 ubuntu release # features/attached_enable.feature:244 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I verify that running `canonical-livepatch status` `with sudo` exits `1` # features/steps/steps.py:365 Then I will see the following on stderr # features/steps/steps.py:317 """ sudo: canonical-livepatch: command not found """ When I attach `contract_token` with sudo # features/steps/steps.py:216 Then stdout matches regexp # features/steps/steps.py:300 """ Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua status` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ livepatch yes enabled """ When I run `canonical-livepatch status` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ running: true """ @series.bionic @uses.config.machine_type.lxd.vm Scenario: Attached enable fips on a machine with livepatch active # features/attached_enable.feature:248 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # features/steps/steps.py:216 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists UA Infra: ESM enabled Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua disable livepatch` with sudo # features/steps/steps.py:130 And I run `ua enable fips --assume-yes` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ One moment, checking your subscription first Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install. """ When I append the following on uaclient config # features/steps/steps.py:245 """ features: block_disable_on_enable: true """ Then I verify that running `ua enable livepatch` `with sudo` exits `1` # features/steps/steps.py:355 And I will see the following on stdout # features/steps/steps.py:281 """ One moment, checking your subscription first Cannot enable Livepatch when FIPS is enabled. """ @series.bionic @uses.config.machine_type.lxd.vm Scenario: Attached enable livepatch on a machine with fips active # features/attached_enable.feature:282 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # features/steps/steps.py:216 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists UA Infra: ESM enabled Installing canonical-livepatch snap Canonical livepatch enabled """ When I append the following on uaclient config # features/steps/steps.py:245 """ features: block_disable_on_enable: true """ Then I verify that running `ua enable fips --assume-yes` `with sudo` exits `1` # features/steps/steps.py:355 And I will see the following on stdout # features/steps/steps.py:281 """ One moment, checking your subscription first """ And I will see the following on stderr # features/steps/steps.py:317 """ Cannot enable FIPS when Livepatch is enabled. """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable fips on a machine with livepatch active -- @1.1 ubuntu release # features/attached_enable.feature:344 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # features/steps/steps.py:216 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists UA Infra: ESM enabled """ And stdout matches regexp # features/steps/steps.py:300 """ Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua enable fips --assume-yes` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ One moment, checking your subscription first Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install. """ When I run `ua status` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips +yes +enabled """ And stdout matches regexp # features/steps/steps.py:300 """ livepatch +yes +n/a """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable fips on a machine with livepatch active -- @1.2 ubuntu release # features/attached_enable.feature:345 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # None Then stdout matches regexp # None """ Updating package lists UA Infra: ESM enabled """ And stdout matches regexp # None """ Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua enable fips --assume-yes` with sudo # None Then I will see the following on stdout # None """ One moment, checking your subscription first Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install. """ When I run `ua status` with sudo # None Then stdout matches regexp # None """ fips +yes +enabled """ And stdout matches regexp # None """ livepatch +yes +n/a """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable fips on a machine with fips-updates active -- @1.1 ubuntu release # features/attached_enable.feature:381 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # features/steps/steps.py:216 Then stdout matches regexp # features/steps/steps.py:300 """ UA Infra: ESM enabled """ And stdout matches regexp # features/steps/steps.py:300 """ Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua disable livepatch` with sudo # features/steps/steps.py:130 And I run `ua enable fips-updates --assume-yes` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ One moment, checking your subscription first Updating package lists Installing FIPS Updates packages FIPS Updates enabled A reboot is required to complete install. """ When I verify that running `ua enable fips --assume-yes` `with sudo` exits `1` # features/steps/steps.py:365 Then I will see the following on stdout # features/steps/steps.py:281 """ One moment, checking your subscription first Cannot enable FIPS when FIPS Updates is enabled. """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable fips on a machine with fips-updates active -- @1.2 ubuntu release # features/attached_enable.feature:382 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token` with sudo # None Then stdout matches regexp # None """ UA Infra: ESM enabled """ And stdout matches regexp # None """ Installing canonical-livepatch snap Canonical livepatch enabled """ When I run `ua disable livepatch` with sudo # None And I run `ua enable fips-updates --assume-yes` with sudo # None Then I will see the following on stdout # None """ One moment, checking your subscription first Updating package lists Installing FIPS Updates packages FIPS Updates enabled A reboot is required to complete install. """ When I verify that running `ua enable fips --assume-yes` `with sudo` exits `1` # None Then I will see the following on stdout # None """ One moment, checking your subscription first Cannot enable FIPS when FIPS Updates is enabled. """ @uses.config.contract_token_staging Feature: Enable command behaviour when attached to an UA staging subscription # features/staging_commands.feature:2 @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable of vm-based services in an ubuntu lxd vm -- @1.1 ubuntu release # features/staging_commands.feature:196 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token_staging` with sudo # None And I run `ua disable livepatch` with sudo # None And I run `apt-get install openssh-client openssh-server strongswan -y` with sudo, retrying exit [100] # None And I run `apt-mark hold openssh-client openssh-server strongswan` with sudo # None And I run `ua enable fips --assume-yes` with sudo # None Then stdout matches regexp # None """ Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ fips +yes enabled """ And stdout matches regexp # None """ FIPS support requires system reboot to complete configuration """ And I verify that running `apt update` `with sudo` exits `0` # None And I verify that `openssh-server` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu xenial/main` # None And I verify that `openssh-client` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu xenial/main` # None And I verify that `strongswan` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu xenial/main` # None And I verify that `openssh-server-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu xenial/main` # None And I verify that `openssh-client-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu xenial/main` # None And I verify that `strongswan-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu xenial/main` # None When I reboot the `xenial` machine # None And I run `uname -r` as non-root # None Then stdout matches regexp # None """ fips """ When I run `cat /proc/sys/crypto/fips_enabled` with sudo # None Then I will see the following on stdout # None """ 1 """ When I run `ua status --all` with sudo # None Then stdout does not match regexp # None """ FIPS support requires system reboot to complete configuration """ When I run `ua disable fips --assume-yes` with sudo # None Then stdout matches regexp # None """ Updating package lists A reboot is required to complete disable operation """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ Disabling FIPS requires system reboot to complete operation """ When I run `apt-cache policy ubuntu-fips` as non-root # None Then stdout matches regexp # None """ .*Installed: \(none\) """ When I reboot the `xenial` machine # None Then I verify that `openssh-server` installed version matches regexp `fips` # None And I verify that `openssh-client` installed version matches regexp `fips` # None And I verify that `strongswan` installed version matches regexp `fips` # None And I verify that `openssh-server-hmac` installed version matches regexp `fips` # None And I verify that `openssh-client-hmac` installed version matches regexp `fips` # None And I verify that `strongswan-hmac` installed version matches regexp `fips` # None When I run `apt-mark unhold openssh-client openssh-server strongswan` with sudo # None Then I will see the following on stdout # None """ openssh-client was already not hold. openssh-server was already not hold. strongswan was already not hold. """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ fips +yes disabled """ Then stdout does not match regexp # None """ Disabling FIPS requires system reboot to complete operation """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable of vm-based services in an ubuntu lxd vm -- @1.2 ubuntu release # features/staging_commands.feature:197 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token_staging` with sudo # features/steps/steps.py:216 And I run `ua disable livepatch` with sudo # features/steps/steps.py:130 And I run `apt-get install openssh-client openssh-server strongswan -y` with sudo, retrying exit [100] # features/steps/steps.py:109 And I run `apt-mark hold openssh-client openssh-server strongswan` with sudo # features/steps/steps.py:130 And I run `ua enable fips --assume-yes` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips +yes enabled """ And stdout matches regexp # features/steps/steps.py:300 """ FIPS support requires system reboot to complete configuration """ And I verify that running `apt update` `with sudo` exits `0` # features/steps/steps.py:355 And I verify that `openssh-server` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu bionic/main` # features/steps/steps.py:412 And I verify that `openssh-client` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu bionic/main` # features/steps/steps.py:412 And I verify that `strongswan` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu bionic/main` # features/steps/steps.py:412 And I verify that `openssh-server-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu bionic/main` # features/steps/steps.py:412 And I verify that `openssh-client-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu bionic/main` # features/steps/steps.py:412 And I verify that `strongswan-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips/ubuntu bionic/main` # features/steps/steps.py:412 When I reboot the `bionic` machine # features/steps/steps.py:265 And I run `uname -r` as non-root # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips """ When I run `cat /proc/sys/crypto/fips_enabled` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ 1 """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout does not match regexp # features/steps/steps.py:305 """ FIPS support requires system reboot to complete configuration """ When I run `ua disable fips --assume-yes` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists A reboot is required to complete disable operation """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Disabling FIPS requires system reboot to complete operation """ When I run `apt-cache policy ubuntu-fips` as non-root # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ .*Installed: \(none\) """ When I reboot the `bionic` machine # features/steps/steps.py:265 Then I verify that `openssh-server` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `openssh-client` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `strongswan` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `openssh-server-hmac` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `openssh-client-hmac` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `strongswan-hmac` installed version matches regexp `fips` # features/steps/steps.py:402 When I run `apt-mark unhold openssh-client openssh-server strongswan` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ openssh-client was already not hold. openssh-server was already not hold. strongswan was already not hold. """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips +yes disabled """ Then stdout does not match regexp # features/steps/steps.py:305 """ Disabling FIPS requires system reboot to complete operation """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable of vm-based services in an ubuntu lxd vm -- @1.1 ubuntu release # features/staging_commands.feature:266 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token_staging` with sudo # None And I run `ua disable livepatch` with sudo # None And I run `apt-get install openssh-client openssh-server strongswan -y` with sudo, retrying exit [100] # None When I run `ua enable fips-updates --assume-yes` with sudo # None Then stdout matches regexp # None """ Updating package lists Installing FIPS Updates packages FIPS Updates enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ fips-updates +yes enabled """ And I verify that running `apt update` `with sudo` exits `0` # None And I verify that `openssh-server` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-client` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `strongswan` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-server-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-client-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `strongswan-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None When I reboot the `xenial` machine # None And I run `uname -r` as non-root # None Then stdout matches regexp # None """ fips """ When I run `cat /proc/sys/crypto/fips_enabled` with sudo # None Then I will see the following on stdout # None """ 1 """ When I run `ua disable fips-updates --assume-yes` with sudo # None Then stdout matches regexp # None """ Updating package lists A reboot is required to complete disable operation """ When I reboot the `xenial` machine # None Then I verify that `openssh-server` installed version matches regexp `fips` # None And I verify that `openssh-client` installed version matches regexp `fips` # None And I verify that `strongswan` installed version matches regexp `fips` # None And I verify that `openssh-server-hmac` installed version matches regexp `fips` # None And I verify that `openssh-client-hmac` installed version matches regexp `fips` # None And I verify that `strongswan-hmac` installed version matches regexp `fips` # None When I run `apt-mark unhold openssh-client openssh-server strongswan` with sudo # None Then I will see the following on stdout # None """ openssh-client was already not hold. openssh-server was already not hold. strongswan was already not hold. """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ fips-updates +yes disabled """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable of vm-based services in an ubuntu lxd vm -- @1.2 ubuntu release # features/staging_commands.feature:267 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token_staging` with sudo # features/steps/steps.py:216 And I run `ua disable livepatch` with sudo # features/steps/steps.py:130 And I run `apt-get install openssh-client openssh-server strongswan -y` with sudo, retrying exit [100] # features/steps/steps.py:109 When I run `ua enable fips-updates --assume-yes` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists Installing FIPS Updates packages FIPS Updates enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips-updates +yes enabled """ And I verify that running `apt update` `with sudo` exits `0` # features/steps/steps.py:355 And I verify that `openssh-server` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-client` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `strongswan` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-server-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-client-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `strongswan-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 When I reboot the `bionic` machine # features/steps/steps.py:265 And I run `uname -r` as non-root # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips """ When I run `cat /proc/sys/crypto/fips_enabled` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ 1 """ When I run `ua disable fips-updates --assume-yes` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists A reboot is required to complete disable operation """ When I reboot the `bionic` machine # features/steps/steps.py:265 Then I verify that `openssh-server` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `openssh-client` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `strongswan` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `openssh-server-hmac` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `openssh-client-hmac` installed version matches regexp `fips` # features/steps/steps.py:402 And I verify that `strongswan-hmac` installed version matches regexp `fips` # features/steps/steps.py:402 When I run `apt-mark unhold openssh-client openssh-server strongswan` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ openssh-client was already not hold. openssh-server was already not hold. strongswan was already not hold. """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips-updates +yes disabled """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable fips-updates on fips enabled vm -- @1.1 ubuntu release # features/staging_commands.feature:439 Given a `xenial` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token_staging` with sudo # None And I run `ua disable livepatch` with sudo # None And I run `apt-get install openssh-client openssh-server strongswan -y` with sudo, retrying exit [100] # None And I run `ua enable fips --assume-yes` with sudo # None Then stdout matches regexp # None """ Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ fips +yes enabled """ When I reboot the `xenial` machine # None And I run `ua enable fips-updates --assume-yes` with sudo # None Then stdout matches regexp # None """ Updating package lists Installing FIPS Updates packages FIPS Updates enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # None Then stdout matches regexp # None """ fips +yes n/a """ And stdout matches regexp # None """ fips-updates +yes enabled """ When I reboot the `xenial` machine # None Then I verify that running `apt update` `with sudo` exits `0` # None And I verify that `ubuntu-fips` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-server` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-client` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `strongswan` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-server-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `openssh-client-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None And I verify that `strongswan-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu xenial-updates/main` # None When I run `uname -r` as non-root # None Then stdout matches regexp # None """ fips """ When I run `cat /proc/sys/crypto/fips_enabled` with sudo # None Then I will see the following on stdout # None """ 1 """ @series.xenial @series.bionic @uses.config.machine_type.lxd.vm Scenario Outline: Attached enable fips-updates on fips enabled vm -- @1.2 ubuntu release # features/staging_commands.feature:440 Given a `bionic` machine with ubuntu-advantage-tools installed # features/steps/steps.py:27 When I attach `contract_token_staging` with sudo # features/steps/steps.py:216 And I run `ua disable livepatch` with sudo # features/steps/steps.py:130 And I run `apt-get install openssh-client openssh-server strongswan -y` with sudo, retrying exit [100] # features/steps/steps.py:109 And I run `ua enable fips --assume-yes` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists Installing FIPS packages FIPS enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips +yes enabled """ When I reboot the `bionic` machine # features/steps/steps.py:265 And I run `ua enable fips-updates --assume-yes` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ Updating package lists Installing FIPS Updates packages FIPS Updates enabled A reboot is required to complete install """ When I run `ua status --all` with sudo # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips +yes n/a """ And stdout matches regexp # features/steps/steps.py:300 """ fips-updates +yes enabled """ When I reboot the `bionic` machine # features/steps/steps.py:265 Then I verify that running `apt update` `with sudo` exits `0` # features/steps/steps.py:355 And I verify that `ubuntu-fips` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-server` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-client` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `strongswan` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-server-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `openssh-client-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 And I verify that `strongswan-hmac` is installed from apt source `https://esm.staging.ubuntu.com/fips-updates/ubuntu bionic-updates/main` # features/steps/steps.py:412 When I run `uname -r` as non-root # features/steps/steps.py:130 Then stdout matches regexp # features/steps/steps.py:300 """ fips """ When I run `cat /proc/sys/crypto/fips_enabled` with sudo # features/steps/steps.py:130 Then I will see the following on stdout # features/steps/steps.py:281 """ 1 """ 2 features passed, 0 failed, 7 skipped 9 scenarios passed, 0 failed, 161 skipped 154 steps passed, 0 failed, 1878 skipped, 0 undefined Took 56m4.873s ___________________________________ summary ____________________________________ behave-vm-18.04: commands succeeded congratulations :)