Project

General

Profile

action #125705

[security] test fails in firefox_nss

Added by vsvecova 3 months ago. Updated 2 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
pstivanin
Category:
Bugs in existing tests
Target version:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:

Description

Observation

The needle with tag "firefox-confirm-fips_enabled" is looking for a greyed-out "disable" option, while on the actual screen it is active (black).

openQA test in scenario sle-15-SP4-Server-DVD-Updates-s390x-fips_env_mode_Firefox@s390x-kvm-sle12 fails in
firefox_nss

Test suite description

Testsuite maintained at https://gitlab.suse.de/qe-security/osd-sle15-security.

Reproducible

Fails since (at least) Build 20230308-1

Expected result

Last good: 20230307-1 (or more recent)

Further details

Always latest result in this scenario: latest

Screenshot from 2023-03-09 17-05-47.png (102 KB) Screenshot from 2023-03-09 17-05-47.png amanzini, 2023-03-09 16:08
Screenshot from 2023-03-09 17-00-33.png (104 KB) Screenshot from 2023-03-09 17-00-33.png amanzini, 2023-03-09 16:08
14765
14768

Related issues

Related to openQA Tests - action #117010: [security] test fails in firefox_nss (fips_env_mode_Firefox_powervm)Feedback2022-09-22

History

#1 Updated by tjyrinki_suse 3 months ago

  • Priority changed from Normal to High
  • Start date deleted (2023-03-09)

#2 Updated by amanzini 3 months ago

  • Assignee set to amanzini

#3 Updated by amanzini 3 months ago

14765
14768

first observation

run the test manually step-by-step, seems the entries in the "Security Modules and Devices" have a strange coloring issue, so likely the needle comparison isn't going to catch them (see screenshot)

#5 Updated by amanzini 3 months ago

  • Status changed from New to Feedback

#6 Updated by amanzini 3 months ago

  • Status changed from Feedback to Resolved

#7 Updated by pstivanin 3 months ago

  • Status changed from Resolved to Feedback

the test seems to be shaky also on x86_64: https://openqa.suse.de/tests/10738794#next_previous

#8 Updated by amanzini 2 months ago

  • Assignee deleted (amanzini)

unassigning myself because I have too many opened tickets to handle at this time

#9 Updated by amanzini 2 months ago

  • Status changed from Feedback to Workable

on some occasions seems firefox does not pick up the inserted password, need further investigation (see video for details)

#10 Updated by pstivanin 2 months ago

  • Priority changed from High to Normal

lowering prio since it's not currently blocking maint updates

#11 Updated by amanzini 2 months ago

  • Related to action #117010: [security] test fails in firefox_nss (fips_env_mode_Firefox_powervm) added

#12 Updated by pstivanin 2 months ago

  • Status changed from Workable to In Progress
  • Assignee set to pstivanin

#13 Updated by pstivanin 2 months ago

  • % Done changed from 0 to 20

Test failed again on 15-SPx.
On 15-SP4, it seems that it's accepting a weak password when it shouldn't.
On <=15-SP3, it's just a matter of updating the needles.

#15 Updated by pstivanin 2 months ago

  • Status changed from In Progress to Resolved
  • % Done changed from 80 to 100

#16 Updated by pstivanin 2 months ago

  • Status changed from Resolved to In Progress
  • % Done changed from 100 to 90

#17 Updated by pstivanin 2 months ago

for 15-sp4+, it's a bug that Firefox accepts any password when in env mode: https://bugzilla.suse.com/show_bug.cgi?id=1210078

#18 Updated by pstivanin 2 months ago

  • Status changed from In Progress to Resolved
  • % Done changed from 90 to 100

I'm quoting Dennis here:

env mode is mainly with application testing and setting single applications to fips mode. at the moment we officially support ONLY systems with kernel mode in fips, but we try to enable all the applications so that they work also with env/filesystem/userspace-fips-mode.

therefore I'm unscheduling (https://gitlab.suse.de/qe-security/osd-sle15-security/-/merge_requests/85/diffs) fips_env_mode_Firefox on 15-SP4 maintenance until the bug on the previous post is fixed.

Also available in: Atom PDF