Merge lp://staging/~zyga/checkbox/path-bug into lp://staging/checkbox

plainbox:ctrl: add tests for SymLinkNest class

Just missing tests for SymLinkNest class that was added last week.

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: remove reference to extra_PATH

The extra_PATH attribute was removed from Provider1 class sometime ago,
there is no need to provide mocked values for it anymore.

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: fix get_differential_execution_environment

This patch corrects one of the many faces of the 'path bug' (executables
not being in PATH in certain situations).

One aspect of that bug was how the "differential" environment, one that
was about to be passed to another process via the env(1) trick, was
being computed. Due to a simple mistake one of the cases where we wanted
to pass a modified environment variable was written incorrectly, thus
plainbox would not pass any changed but already existing variables
across privilege elevation mechanisms.

The fix is trivial, just compare the right variables.

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: refactor nest directory handling

This patch changes how we construct the nest_dir and populate it with
symlinks to various executables. Instead of being a bit of code inside
execute_job() it is now a dedicated context manager,
configured_filesystem() that can be tested in isolation and, more
importantly, mocked away in other places.

Note that execute_job() still does mkdir() CHECKBOX_DATA but it is worth
considering moving all filesystem manipulations to the new context
manager later on.

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: fix how nest_dir is inserted into PATH

This patch corrects one of the many faces of the 'path bug' (executables
not being in PATH in certain situations).

One aspect of that bug is how nest_dir (directory, that has symlinks to
executables we need in PATH) was being injected into PATH. Previously it
was being done in execute_job(). This fails for execution controllers
that pass environment using a trick in get_execution_command(), such as
pkexec and plainbox-trusted-launcher execution controllers. It fails
because those controllers need to pass "differential" environment inside
the command itself and the change occurs outside of
get_execution_environment().

The fix is straightforward, to move all PATH manipulations to happen
inside get_execution_environment() and adjust all tests that needed
adjusting.

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: fix incorrect docstrings

This patch is seemingly useless as the docstring and associated
funcionality is being replaced by subsequent patch but for completeness
I'd like to properly document how the sudo execution controller used to
work.

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: use env trick with sudo controller

This patch corrects one of the many faces of the 'path bug' (executables
not being in PATH in certain situations).

One aspect of that bug is how that 'sudo -E' which was being used in the
sudo execution controller is especially sensitive to ignore PATH even if
-E is used. Instead it loads the "secure path" from system wide
configuration file. This feature would obviously erase our customized
PATH and thus jobs using sudo this way would fail to see nest_dir with
all the executables.

The fix is to bring the sudo controller in alignment with pkexec
controller that already uses env(1) to pass arbitrary environment
variables into a program executed with sudo (without the -E flag this
time).

Signed-off-by: Zygmunt Krynicki <email address hidden>

plainbox:ctrl: fix copy/paste docstring

Signed-off-by: Zygmunt Krynicki <email address hidden>