garcard Public

Watch 0 Fork 0 Star 0

markdown · 2642 bytes Raw Blame History

Sprint 02 Validation Checklist

Run these checks from an active X11 user session with garcard daemon running.

Baseline

garcardctl ping
garcardctl status
garcardctl auth-summary

Expected:

Daemon reachable over IPC.
agent_backend is polkit in normal session use.
Auth summary starts in idle.

Prompt Flow: Success

pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.power-off
Enter valid password in garcard prompt.
garcardctl auth-summary

Expected:

Prompt appears.
pkcheck exits 0.
Auth summary reaches success then returns to idle on next request cycle.

Prompt Flow: Wrong Password Then Recovery

Trigger same pkcheck command.
Enter wrong password once, then correct password on retry.
garcardctl auth-summary

Expected:

No daemon restart required.
Failure path is visible (failure) and recoverable in the same session.

Prompt Flow: Cancel

Trigger same pkcheck command.
Press Esc in prompt.
Inspect pkcheck exit code and garcardctl auth-summary.

Expected:

pkcheck is denied/canceled (non-zero).
Auth summary reaches canceled.

Prompt Flow: Timeout

garcard prompt --mode secret --message "Timeout check" --timeout-secs 5
Wait without typing.

Expected:

Command exits with code 124.
Daemon-side prompt handling can represent timeout state.

Queue Behavior

Start two checks close together in separate terminals:
- pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.power-off
- pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.reboot
Watch garcardctl auth-summary while completing prompts.

Expected:

One active request at a time.
Additional requests queue and process FIFO.
No deadlock after cancel/failure/success.

Backend Reconnect (Bus/Authority Disruption)

Start daemon with visible logs:
- RUST_LOG=garcard=debug cargo run -p garcard -- daemon
In another terminal, capture status:
- cargo run -q -p garcardctl -- status
Force reconnect path without root:
- kill -HUP <garcard-pid>
Wait at least one health interval (default 5s), then check status and logs.
Optional root-level disruption check:
- sudo systemctl restart polkit

Expected:

Log shows forced reconnect path (Received SIGHUP; forcing backend reconnect).
Backend re-registers without daemon process restart.
garcardctl status remains responsive during/after reconnect attempt.
Optional root-level disruption should trigger maintenance reconnect attempts.

View source

  
        1
        # Sprint 02 Validation Checklist
      
        2
        
        3
        Run these checks from an active X11 user session with `garcard daemon` running.
      
        4
        
        5
        ## Baseline
      
        6
        1. `garcardctl ping`
      
        7
        2. `garcardctl status`
      
        8
        3. `garcardctl auth-summary`
      
        9
        
        10
        Expected:
      
        11
        1. Daemon reachable over IPC.
      
        12
        2. `agent_backend` is `polkit` in normal session use.
      
        13
        3. Auth summary starts in `idle`.
      
        14
        
        15
        ## Prompt Flow: Success
      
        16
        1. `pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.power-off`
      
        17
        2. Enter valid password in garcard prompt.
      
        18
        3. `garcardctl auth-summary`
      
        19
        
        20
        Expected:
      
        21
        1. Prompt appears.
      
        22
        2. `pkcheck` exits `0`.
      
        23
        3. Auth summary reaches `success` then returns to `idle` on next request cycle.
      
        24
        
        25
        ## Prompt Flow: Wrong Password Then Recovery
      
        26
        1. Trigger same `pkcheck` command.
      
        27
        2. Enter wrong password once, then correct password on retry.
      
        28
        3. `garcardctl auth-summary`
      
        29
        
        30
        Expected:
      
        31
        1. No daemon restart required.
      
        32
        2. Failure path is visible (`failure`) and recoverable in the same session.
      
        33
        
        34
        ## Prompt Flow: Cancel
      
        35
        1. Trigger same `pkcheck` command.
      
        36
        2. Press `Esc` in prompt.
      
        37
        3. Inspect `pkcheck` exit code and `garcardctl auth-summary`.
      
        38
        
        39
        Expected:
      
        40
        1. `pkcheck` is denied/canceled (non-zero).
      
        41
        2. Auth summary reaches `canceled`.
      
        42
        
        43
        ## Prompt Flow: Timeout
      
        44
        1. `garcard prompt --mode secret --message "Timeout check" --timeout-secs 5`
      
        45
        2. Wait without typing.
      
        46
        
        47
        Expected:
      
        48
        1. Command exits with code `124`.
      
        49
        2. Daemon-side prompt handling can represent timeout state.
      
        50
        
        51
        ## Queue Behavior
      
        52
        1. Start two checks close together in separate terminals:
      
        53
           - `pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.power-off`
      
        54
           - `pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.reboot`
      
        55
        2. Watch `garcardctl auth-summary` while completing prompts.
      
        56
        
        57
        Expected:
      
        58
        1. One active request at a time.
      
        59
        2. Additional requests queue and process FIFO.
      
        60
        3. No deadlock after cancel/failure/success.
      
        61
        
        62
        ## Backend Reconnect (Bus/Authority Disruption)
      
        63
        1. Start daemon with visible logs:
      
        64
           - `RUST_LOG=garcard=debug cargo run -p garcard -- daemon`
      
        65
        2. In another terminal, capture status:
      
        66
           - `cargo run -q -p garcardctl -- status`
      
        67
        3. Force reconnect path without root:
      
        68
           - `kill -HUP <garcard-pid>`
      
        69
        4. Wait at least one health interval (default 5s), then check status and logs.
      
        70
        5. Optional root-level disruption check:
      
        71
           - `sudo systemctl restart polkit`
      
        72
        
        73
        Expected:
      
        74
        1. Log shows forced reconnect path (`Received SIGHUP; forcing backend reconnect`).
      
        75
        2. Backend re-registers without daemon process restart.
      
        76
        3. `garcardctl status` remains responsive during/after reconnect attempt.
      
        77
        4. Optional root-level disruption should trigger maintenance reconnect attempts.

1	# Sprint 02 Validation Checklist
2
3	Run these checks from an active X11 user session with `garcard daemon` running.
4
5	## Baseline
6	1. `garcardctl ping`
7	2. `garcardctl status`
8	3. `garcardctl auth-summary`
9
10	Expected:
11	1. Daemon reachable over IPC.
12	2. `agent_backend` is `polkit` in normal session use.
13	3. Auth summary starts in `idle`.
14
15	## Prompt Flow: Success
16	1. `pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.power-off`
17	2. Enter valid password in garcard prompt.
18	3. `garcardctl auth-summary`
19
20	Expected:
21	1. Prompt appears.
22	2. `pkcheck` exits `0`.
23	3. Auth summary reaches `success` then returns to `idle` on next request cycle.
24
25	## Prompt Flow: Wrong Password Then Recovery
26	1. Trigger same `pkcheck` command.
27	2. Enter wrong password once, then correct password on retry.
28	3. `garcardctl auth-summary`
29
30	Expected:
31	1. No daemon restart required.
32	2. Failure path is visible (`failure`) and recoverable in the same session.
33
34	## Prompt Flow: Cancel
35	1. Trigger same `pkcheck` command.
36	2. Press `Esc` in prompt.
37	3. Inspect `pkcheck` exit code and `garcardctl auth-summary`.
38
39	Expected:
40	1. `pkcheck` is denied/canceled (non-zero).
41	2. Auth summary reaches `canceled`.
42
43	## Prompt Flow: Timeout
44	1. `garcard prompt --mode secret --message "Timeout check" --timeout-secs 5`
45	2. Wait without typing.
46
47	Expected:
48	1. Command exits with code `124`.
49	2. Daemon-side prompt handling can represent timeout state.
50
51	## Queue Behavior
52	1. Start two checks close together in separate terminals:
53	- `pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.power-off`
54	- `pkcheck --allow-user-interaction --process $$ --action-id org.freedesktop.login1.reboot`
55	2. Watch `garcardctl auth-summary` while completing prompts.
56
57	Expected:
58	1. One active request at a time.
59	2. Additional requests queue and process FIFO.
60	3. No deadlock after cancel/failure/success.
61
62	## Backend Reconnect (Bus/Authority Disruption)
63	1. Start daemon with visible logs:
64	- `RUST_LOG=garcard=debug cargo run -p garcard -- daemon`
65	2. In another terminal, capture status:
66	- `cargo run -q -p garcardctl -- status`
67	3. Force reconnect path without root:
68	- `kill -HUP <garcard-pid>`
69	4. Wait at least one health interval (default 5s), then check status and logs.
70	5. Optional root-level disruption check:
71	- `sudo systemctl restart polkit`
72
73	Expected:
74	1. Log shows forced reconnect path (`Received SIGHUP; forcing backend reconnect`).
75	2. Backend re-registers without daemon process restart.
76	3. `garcardctl status` remains responsive during/after reconnect attempt.
77	4. Optional root-level disruption should trigger maintenance reconnect attempts.