archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
stable-2.16
stable-2.15
stable-2.14
stable-2.18
stable-2.17
devel
milestone
stable-2.12
stable-2.13
stable-2.9
stable-2.11
stable-2.3
stable-2.10
stable-2.8
stable-2.4
stable-2.5
stable-2.6
stable-2.7
temp-2.10-devel
mazer_role_loader
stable-2.2
threading_plus_forking
threading_instead_of_forking
stable-2.1
stable-1.9
stable-2.0
stable-2.0.0.1
stable-2.0-network
release1.8.4
release1.8.3
release1.8.2
release1.8.1
release1.8.0
release1.7.2
release1.7.1
release1.7.0
release1.6.8
release1.6.10
release1.6.9
release1.6.7
release1.6.6
release1.6.5
release1.6.4
release1.6.3
release1.6.2
release1.6.1
release1.6.0
release1.5.5
release1.5.4
release1.5.3
release1.5.2
release1.5.1
release1.5.0
v2.14.3
v2.13.8
v2.14.3rc1
v2.13.8rc1
v2.14.2
v2.14.2rc1
v2.14.1
v2.13.7
v2.13.7rc1
v2.14.1rc1
v2.13.6
v2.14.0
v2.14.0rc2
v2.13.6rc1
v2.14.0rc1
v2.14.0b3
v2.13.5
v2.12.10
v2.14.0b2
v2.13.5rc1
v2.12.10rc1
v2.14.0b1
v2.12.9
v2.13.4
v2.13.4rc1
v2.12.9rc1
v2.13.3
v2.12.8
v2.12.8rc1
v2.13.3rc1
v2.13.2
v2.13.2rc1
v2.12.7
v2.13.1
v2.12.7rc1
v2.13.1rc1
v2.12.6
v2.11.12
v2.12.6rc1
v2.11.12rc1
v2.13.0
v2.13.0rc1
v2.13.0b1
v2.12.5
v2.11.11
v2.12.5rc1
v2.11.11rc1
v2.13.0b0
v2.12.4
v2.11.10
v2.12.4rc1
v2.11.10rc1
v2.11.9
v2.12.3
v2.12.3rc1
v2.11.9rc1
v2.12.2
v2.11.8
v2.10.17
v2.12.2rc1
v2.11.8rc1
v2.10.17rc1
v2.12.1
v2.11.7
v2.10.16
v2.10.16rc1
v2.11.7rc1
v2.12.1rc1
v2.12.0
v2.12.0rc1
v2.12.0b2
v2.11.6
v2.10.15
v2.9.27
v2.9.27rc1
v2.10.15rc1
v2.11.6rc1
v2.12.0b1
v2.11.5
v2.10.14
v2.9.26
v2.11.5rc1
v2.10.14rc1
v2.9.26rc1
v2.11.4
v2.10.13
v2.9.25
v2.9.25rc1
v2.10.13rc1
v2.11.4rc1
v2.11.3
v2.10.12
v2.9.24
v2.11.3rc1
v2.10.12rc1
v2.9.24rc1
v2.9.23
v2.10.11
v2.11.2
v2.11.2rc1
v2.10.11rc1
v2.9.23rc1
v2.11.1
v2.10.10
v2.9.22
v2.9.22rc1
v2.10.10rc1
v2.11.1rc1
v2.10.9
v2.9.21
v2.10.9rc1
v2.9.21rc1
v2.11.0
v2.8.20
v2.9.20
v2.10.8
v2.11.0rc2
v2.8.20rc1
v2.9.20rc1
v2.10.8rc1
v2.11.0rc1
stable-2.11-branchpoint
v2.11.0b4
v2.11.0b3
v2.11.0b2
v2.10.7
v2.9.19
v2.10.7rc1
v2.9.19rc1
v2.11.0b1
v2.8.19
v2.9.18
v2.10.6
v2.8.19rc1
v2.9.18rc1
v2.10.6rc1
v2.9.17
v2.10.5
v2.10.5rc1
v2.9.17rc1
v2.8.18
v2.9.16
v2.10.4
v2.8.18rc1
v2.9.16rc1
v2.10.4rc1
v2.8.17
v2.9.15
v2.10.3
v2.8.17rc1
v2.9.15rc1
v2.10.3rc1
v2.10.2
v2.9.14
v2.8.16
v2.8.16rc1
v2.9.14rc1
v2.10.2rc1
v2.10.1
v2.10.1rc3
v2.10.1rc2
v2.8.15
v2.9.13
v2.10.0
v2.9.12
v2.8.14
v2.10.0rc4
v2.10.0rc3
v2.10.0rc2
v2.10.0rc1
v2.9.11
v2.8.13
v2.9.10
v2.10.0b1
stable-2.10-branchpoint
v2.9.9
v2.7.18
v2.8.12
v2.9.8
v2.9.7
v2.8.11
v2.7.17
pre-ansible-base
v2.8.10
v2.8.9
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.8.8
v2.7.16
v2.9.2
v2.9.1
v2.8.7
v2.7.15
v2.9.0
v2.9.0rc5
v2.8.6
v2.7.14
v2.9.0rc4
v2.6.20
v2.9.0rc3
v2.9.0rc2
v2.9.0rc1
v2.8.5
v2.9.0b1
stable-2.9-branchpoint
v2.6.19
v2.7.13
v2.8.4
v2.8.3
v2.6.18
v2.7.12
v2.8.2
v2.8.1
v2.7.11
v2.6.17
v2.8.0
v2.8.0rc3
v2.8.0rc2
v2.8.0rc1
v2.8.0b1
v2.8.0a1
v2.6.16
v2.7.10
v2.6.15
v2.7.9
v2.7.8
v2.6.14
v2.5.15
v2.7.7
v2.6.13
v2.6.12
v2.7.6
v2.5.14
v2.7.5
v2.6.11
v2.6.10
v2.7.4
v2.5.13
v2.7.3
v2.6.9
v2.5.12
v2.6.8
v2.7.2
v2.6.7
v2.5.11
v2.7.1
v2.6.6
v2.7.0
v2.6.5
v2.7.0rc4
v2.5.10
v2.7.0rc3
v2.7.0rc2
v2.5.9
v2.6.4
v2.7.0rc1
v2.7.0b1
v2.7.0.a1
v2.6.3
v2.5.8
v2.6.2
v2.5.7
v2.6.1
v2.5.6
v2.4.6.0-1
v2.6.0
v2.6.0rc5
v2.6.0rc4
v2.4.5.0-1
v2.6.0rc3
v2.5.5
v2.4.5.0-0.1.rc1
v2.6.0rc2
v2.6.0rc1
v2.5.4
v2.6.0a2
v2.6.0a1
v2.5.3
v2.5.2
v2.5.1
v2.4.4.0-1
v2.4.4.0-0.3.rc2
v2.5.0
v2.5.0rc3
v2.5.0rc2
v2.4.4-0.2.rc1
v2.3.4.0-0.1.rc1
v2.5.0rc1
v2.4.4-0.1.beta1
v2.5.0b1
v2.5.0a1
v2.4.3.0-1
v2.4.3.0-0.6.rc3
v2.4.3.0-0.5.rc2
v2.4.3.0-0.4.rc1
v2.4.3-0.3.beta3
v2.4.3.0-0.2.beta2
v2.3.3.0-1
v2.4.3.0-0.1.beta1
v2.4.2.0-1
v2.4.2.0-0.5.rc1
v2.4.2.0-0.4.beta4
v2.3.3.0-0.3.rc3
v2.4.2.0-0.3.beta3
v2.4.2.0-0.2.beta2
v2.4.2.0-0.1.beta1
v2.4.1.0-1
v2.4.1.0-0.4.rc2
v2.3.3.0-0.2.rc2
v2.4.1.0-0.3.rc1
v2.4.1.0-0.2.beta2
v2.3.3.0-0.1.rc1
v2.4.1.0-0.1.beta1
v2.4.0.0-1
v2.4.0.0-0.5.rc5
v2.4.0.0-0.4.rc4
v2.4.0.0-0.3.rc3
v2.4.0.0-0.2.rc2
v2.4.0.0-0.1.rc1
v2.3.2.0-1
v2.3.2.0-0.5.rc5
v2.3.2.0-0.4.rc4
v2.3.2.0-0.3.rc3
v2.3.2.0-0.2.rc2
v2.3.2.0-0.1.rc1
v2.1.6.0-1
v2.3.1.0-1
v2.3.1.0-0.2.rc2
v2.2.3.0-1
v2.1.6.0-0.1.rc1
v2.3.1.0-0.1.rc1
v2.3.0.0-1
v2.3.0.0-0.6.rc6
v2.3.0.0-0.5.rc5
v2.3.0.0-0.4.rc4
v2.2.3.0-0.1.rc1
v2.3.0.0-0.3.rc3
v2.3.0.0-0.2.rc2
v2.2.2.0-1
v2.1.5.0-1
v2.3.0.0-0.1.rc1
v2.1.5.0-0.2.rc2
v2.2.2.0-0.2.rc2
v2.1.5.0-0.1.rc1
v2.2.2.0-0.1.rc1
v2.1.4.0-1
v2.2.1.0-1
v2.1.4.0-0.3.rc3
v2.2.1.0-0.5.rc5
v2.1.4.0-0.2.rc2
v2.2.1.0-0.4.rc4
v2.1.4.0-0.1.rc1
v2.2.1.0-0.3.rc3
v2.2.1.0-0.2.rc2
v2.2.1.0-0.1.rc1
v2.1.3.0-1
v2.2.0.0-1
v2.2.0.0-0.4.rc4
v2.1.3.0-0.3.rc3
v2.1.3.0-0.2.rc2
v2.2.0.0-0.3.rc3
v2.1.3.0-0.1.rc1
v2.2.0.0-0.2.rc2
v2.2.0.0-0.1.rc1
v2.1.2.0-1
v2.1.2.0-0.5.rc5
v2.1.2.0-0.4.rc4
v2.1.2.0-0.3.rc3
v2.1.2.0-0.2.rc2
v2.1.2.0-0.1.rc1
v2.1.1.0-1
v2.1.1.0-0.5.rc5
v2.1.1.0-0.4.rc4
v2.1.1.0-0.3.rc3
v2.1.1.0-0.2.rc2
v2.1.1.0-0.1.rc1
v2.1.0.0-1
v2.1.0.0-0.4.rc4
v2.1.0.0-0.2.rc2
v2.1.0.0-0.3.rc3
v2.1.0.0-0.1.rc1
v2.0.2.0-1
v1.9.6-1
v2.0.2.0-0.4.rc4
v2.0.2.0-0.3.rc3
v1.9.6-0.1.rc1
v2.0.2.0-0.2.rc2
v2.0.2.0-0.1.rc1
v1.9.5-1
v1.9.5-0.1.rc1
v2.0.1.0-1
v2.0.1.0-0.2.rc2
v2.0.1.0-0.1.rc1
v2.0.0.2-1
v2.0.0.1-1
v2.0.0.0-1
v2.0.0-0.9.rc4
v2.0.0-0.8.rc3
v2.0.0-0.7.rc2
v2.0.0-0.6.rc1
v2.0.0-0.5.beta3
v2.0.0-0.4.beta2
v1.9.4-1
v2.0.0-0.3.beta1
v1.9.4-0.3.rc3
v1.9.4-0.2.rc2
v1.9.4-0.1.rc1
v2.0.0-0.2.alpha2
v1.9.3-1
v2.0.0-0.1.alpha1
v1.9.3-0.3.rc3
v1.9.3-0.2.rc2
v1.9.3-0.1.rc1
v1.9.2-1
v1.9.2-0.2.rc2
v1_last
v1.9.2-0.1.rc1
v1.9.1-1
v1.9.1-0.4.rc4
v1.9.1-0.3.rc3
v1.9.1-0.2.rc2
v1.9.1-0.1.rc1
v1.9.0.1-1
v1.9.0-2
v1.9.0-1
v1.9.0-0.2.rc2
v1.9.0-0.1.rc1
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.2
v1.7.1
v1.7.0
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.3
v1.2.2
v1.2.1
v1.2
v1.1
v1.0
0.8
0.7.2
0.7
0.6
0.5
0.4.1
0.4
0.3.1
0.3
0.01
0.0.1
0.0.2
0.7.1
v0.9
v2.13.10
v2.13.10rc1
v2.13.11
v2.13.11rc1
v2.13.12
v2.13.12rc1
v2.13.13
v2.13.13rc1
v2.13.9
v2.13.9rc1
v2.14.10
v2.14.10rc1
v2.14.11
v2.14.11rc1
v2.14.12
v2.14.12rc1
v2.14.13
v2.14.14
v2.14.14rc1
v2.14.15
v2.14.15rc1
v2.14.16
v2.14.16rc1
v2.14.17
v2.14.17rc1
v2.14.18
v2.14.18rc1
v2.14.4
v2.14.4rc1
v2.14.5
v2.14.5rc1
v2.14.6
v2.14.6rc1
v2.14.7
v2.14.7rc1
v2.14.8
v2.14.8rc1
v2.14.9
v2.14.9rc1
v2.15.0
v2.15.0b1
v2.15.0b2
v2.15.0b3
v2.15.0rc1
v2.15.0rc2
v2.15.1
v2.15.10
v2.15.10rc1
v2.15.11
v2.15.11rc1
v2.15.12
v2.15.12rc1
v2.15.13
v2.15.13rc1
v2.15.1rc1
v2.15.2
v2.15.2rc1
v2.15.3
v2.15.3rc1
v2.15.4
v2.15.4rc1
v2.15.5
v2.15.5rc1
v2.15.6
v2.15.6rc1
v2.15.7
v2.15.7rc1
v2.15.8
v2.15.9
v2.15.9rc1
v2.16.0
v2.16.0b1
v2.16.0b2
v2.16.0rc1
v2.16.1
v2.16.10
v2.16.10rc1
v2.16.11
v2.16.11rc1
v2.16.12
v2.16.12rc1
v2.16.13
v2.16.13rc1
v2.16.1rc1
v2.16.2
v2.16.3
v2.16.3rc1
v2.16.4
v2.16.4rc1
v2.16.5
v2.16.5rc1
v2.16.6
v2.16.7
v2.16.7rc1
v2.16.8
v2.16.8rc1
v2.16.9
v2.16.9rc1
v2.17.0
v2.17.0b1
v2.17.0rc1
v2.17.0rc2
v2.17.1
v2.17.1rc1
v2.17.2
v2.17.2rc1
v2.17.2rc2
v2.17.3
v2.17.3rc1
v2.17.4
v2.17.4rc1
v2.17.5
v2.17.5rc1
v2.17.6
v2.17.6rc1
v2.18.0
v2.18.0b1
v2.18.0rc1
v2.18.0rc2
v2.5.0b2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cd8161a948'
${ noResults }
ansible/test/units/modules/system/test_pamd.py

356 lines
17 KiB
Python
Raw Normal View History Unescape Escape

Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
from __future__ import (absolute_import, division, print_function)
Move unit test compat code out of `lib/ansible/`. (#46996) * Move ansible.compat.tests to test/units/compat/. * Fix unit test references to ansible.compat.tests. * Move builtins compat to separate file. * Fix classification of test/units/compat/ dir.
6 years ago
from units.compat import unittest
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
from ansible.modules.system.pamd import PamdRule
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
from ansible.modules.system.pamd import PamdLine
from ansible.modules.system.pamd import PamdComment
from ansible.modules.system.pamd import PamdInclude
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
from ansible.modules.system.pamd import PamdService
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
class PamdLineTestCase(unittest.TestCase):
def setUp(self):
self.pamd_line = PamdLine("This is a test")
def test_line(self):
self.assertEqual("This is a test", str(self.pamd_line))
def test_matches(self):
self.assertFalse(self.pamd_line.matches("test", "matches", "foo", "bar"))
class PamdIncludeTestCase(unittest.TestCase):
def setUp(self):
self.good_include = PamdInclude("@include foobar")
self.bad_include = PamdInclude("include foobar")
def test_line(self):
self.assertEqual("@include foobar", str(self.good_include))
def test_matches(self):
self.assertFalse(self.good_include.matches("something", "something", "dark", "side"))
def test_valid(self):
self.assertTrue(self.good_include.is_valid)
self.assertFalse(self.bad_include.is_valid)
class PamdCommentTestCase(unittest.TestCase):
def setUp(self):
self.good_comment = PamdComment("# This is a test comment")
self.bad_comment = PamdComment("This is a bad test comment")
def test_line(self):
self.assertEqual("# This is a test comment", str(self.good_comment))
def test_matches(self):
self.assertFalse(self.good_comment.matches("test", "matches", "foo", "bar"))
def test_valid(self):
self.assertTrue(self.good_comment.is_valid)
self.assertFalse(self.bad_comment.is_valid)
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
class PamdRuleTestCase(unittest.TestCase):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
def setUp(self):
self.rule = PamdRule('account', 'optional', 'pam_keyinit.so', 'revoke')
def test_type(self):
self.assertEqual(self.rule.rule_type, 'account')
def test_control(self):
self.assertEqual(self.rule.rule_control, 'optional')
self.assertEqual(self.rule._control, 'optional')
def test_path(self):
self.assertEqual(self.rule.rule_path, 'pam_keyinit.so')
def test_args(self):
self.assertEqual(self.rule.rule_args, ['revoke'])
def test_valid(self):
self.assertTrue(self.rule.validate()[0])
class PamdRuleBadValidationTestCase(unittest.TestCase):
def setUp(self):
self.bad_type = PamdRule('foobar', 'optional', 'pam_keyinit.so', 'revoke')
self.bad_control_simple = PamdRule('account', 'foobar', 'pam_keyinit.so', 'revoke')
self.bad_control_value = PamdRule('account', '[foobar=1 default=ignore]', 'pam_keyinit.so', 'revoke')
self.bad_control_action = PamdRule('account', '[success=1 default=foobar]', 'pam_keyinit.so', 'revoke')
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
def test_validate_bad_type(self):
self.assertFalse(self.bad_type.validate()[0])
def test_validate_bad_control_simple(self):
self.assertFalse(self.bad_control_simple.validate()[0])
def test_validate_bad_control_value(self):
self.assertFalse(self.bad_control_value.validate()[0])
def test_validate_bad_control_action(self):
self.assertFalse(self.bad_control_action.validate()[0])
Update pamd.py to allow module path with slashes (#32197)
7 years ago
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
class PamdServiceTestCase(unittest.TestCase):
def setUp(self):
self.system_auth_string = """#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
@include common-auth
@include common-account
@include common-session
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid
auth required pam_deny.so
# Test comment
auth sufficient pam_rootok.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid
Fixes #35629 (#35668)
7 years ago
account [success=1 default=ignore] \
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
pam_succeed_if.so user = vagrant use_uid quiet
account required pam_permit.so
account required pam_access.so listsep=,
session include system-auth
password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
-session optional pam_systemd.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session [success=1 test=me default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so"""
self.simple_system_auth_string = """#%PAM-1.0
auth required pam_env.so
"""
self.pamd = PamdService(self.system_auth_string)
def test_properly_parsed(self):
num_lines = len(self.system_auth_string.splitlines()) + 1
num_lines_processed = len(str(self.pamd).splitlines())
self.assertEqual(num_lines, num_lines_processed)
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
def test_has_rule(self):
self.assertTrue(self.pamd.has_rule('account', 'required', 'pam_permit.so'))
self.assertTrue(self.pamd.has_rule('account', '[success=1 default=ignore]', 'pam_succeed_if.so'))
def test_doesnt_have_rule(self):
self.assertFalse(self.pamd.has_rule('account', 'requisite', 'pam_permit.so'))
# Test Update
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_rule_type(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('session', 'optional', 'pam_keyinit.so', new_type='account'))
self.assertTrue(self.pamd.has_rule('account', 'optional', 'pam_keyinit.so'))
test_rule = PamdRule('account', 'optional', 'pam_keyinit.so', 'revoke')
self.assertIn(str(test_rule), str(self.pamd))
def test_update_rule_that_doesnt_exist(self):
self.assertFalse(self.pamd.update_rule('blah', 'blah', 'blah', new_type='account'))
self.assertFalse(self.pamd.has_rule('blah', 'blah', 'blah'))
test_rule = PamdRule('blah', 'blah', 'blah', 'account')
self.assertNotIn(str(test_rule), str(self.pamd))
def test_update_rule_type_two(self):
self.assertTrue(self.pamd.update_rule('session', '[success=1 default=ignore]', 'pam_succeed_if.so', new_type='account'))
self.assertTrue(self.pamd.has_rule('account', '[success=1 default=ignore]', 'pam_succeed_if.so'))
test_rule = PamdRule('account', '[success=1 default=ignore]', 'pam_succeed_if.so')
self.assertIn(str(test_rule), str(self.pamd))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_rule_control_simple(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('session', 'optional', 'pam_keyinit.so', new_control='required'))
self.assertTrue(self.pamd.has_rule('session', 'required', 'pam_keyinit.so'))
test_rule = PamdRule('session', 'required', 'pam_keyinit.so')
self.assertIn(str(test_rule), str(self.pamd))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_rule_control_complex(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('session',
'[success=1 default=ignore]',
'pam_succeed_if.so',
new_control='[success=2 test=me default=ignore]'))
self.assertTrue(self.pamd.has_rule('session', '[success=2 test=me default=ignore]', 'pam_succeed_if.so'))
test_rule = PamdRule('session', '[success=2 test=me default=ignore]', 'pam_succeed_if.so')
self.assertIn(str(test_rule), str(self.pamd))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_rule_control_more_complex(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('session',
'[success=1 test=me default=ignore]',
'pam_succeed_if.so',
new_control='[success=2 test=me default=ignore]'))
self.assertTrue(self.pamd.has_rule('session', '[success=2 test=me default=ignore]', 'pam_succeed_if.so'))
test_rule = PamdRule('session', '[success=2 test=me default=ignore]', 'pam_succeed_if.so')
self.assertIn(str(test_rule), str(self.pamd))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_rule_module_path(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('auth', 'required', 'pam_env.so', new_path='pam_limits.so'))
self.assertTrue(self.pamd.has_rule('auth', 'required', 'pam_limits.so'))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
Update pamd.py to allow module path with slashes (#32197)
7 years ago
def test_update_rule_module_path_slash(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('auth', 'required', 'pam_env.so', new_path='/lib64/security/pam_duo.so'))
self.assertTrue(self.pamd.has_rule('auth', 'required', '/lib64/security/pam_duo.so'))
Update pamd.py to allow module path with slashes (#32197)
7 years ago
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_rule_module_args(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('auth', 'sufficient', 'pam_unix.so', new_args='uid uid'))
test_rule = PamdRule('auth', 'sufficient', 'pam_unix.so', 'uid uid')
self.assertIn(str(test_rule), str(self.pamd))
test_rule = PamdRule('auth', 'sufficient', 'pam_unix.so', 'nullok try_first_pass')
self.assertNotIn(str(test_rule), str(self.pamd))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_first_three(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('auth', 'required', 'pam_env.so',
new_type='one', new_control='two', new_path='three'))
self.assertTrue(self.pamd.has_rule('one', 'two', 'three'))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_first_three_with_module_args(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('auth', 'sufficient', 'pam_unix.so',
new_type='one', new_control='two', new_path='three'))
self.assertTrue(self.pamd.has_rule('one', 'two', 'three'))
test_rule = PamdRule('one', 'two', 'three')
self.assertIn(str(test_rule), str(self.pamd))
self.assertIn(str(test_rule), str(self.pamd))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_update_all_four(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.update_rule('auth', 'sufficient', 'pam_unix.so',
new_type='one', new_control='two', new_path='three',
new_args='four five'))
test_rule = PamdRule('one', 'two', 'three', 'four five')
self.assertIn(str(test_rule), str(self.pamd))
test_rule = PamdRule('auth', 'sufficient', 'pam_unix.so', 'nullok try_first_pass')
self.assertNotIn(str(test_rule), str(self.pamd))
def test_update_rule_with_slash(self):
self.assertTrue(self.pamd.update_rule('account', '[success=1 default=ignore]', 'pam_succeed_if.so',
new_type='session', new_path='pam_access.so'))
test_rule = PamdRule('session', '[success=1 default=ignore]', 'pam_access.so')
self.assertIn(str(test_rule), str(self.pamd))
# Insert Before
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_insert_before_rule(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
count = self.pamd.insert_before('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_limits.so')
self.assertEqual(count, 1)
rules = self.pamd.get("account", "required", "pam_access.so")
for current_rule in rules:
self.assertTrue(current_rule.prev.matches("account", "required", "pam_limits.so"))
def test_insert_before_rule_where_rule_doesnt_exist(self):
count = self.pamd.insert_before('account', 'sufficient', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_limits.so')
self.assertFalse(count)
def test_insert_before_rule_with_args(self):
self.assertTrue(self.pamd.insert_before('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_limits.so',
new_args='uid'))
rules = self.pamd.get("account", "required", "pam_access.so")
for current_rule in rules:
self.assertTrue(current_rule.prev.matches("account", "required", "pam_limits.so", 'uid'))
def test_insert_before_rule_test_duplicates(self):
self.assertTrue(self.pamd.insert_before('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_limits.so'))
self.pamd.insert_before('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_limits.so')
rules = self.pamd.get("account", "required", "pam_access.so")
for current_rule in rules:
previous_rule = current_rule.prev
self.assertTrue(previous_rule.matches("account", "required", "pam_limits.so"))
self.assertFalse(previous_rule.prev.matches("account", "required", "pam_limits.so"))
def test_insert_before_first_rule(self):
self.assertTrue(self.pamd.insert_before('auth', 'required', 'pam_env.so',
new_type='account', new_control='required', new_path='pam_limits.so'))
def test_insert_before_first_rule_simple(self):
simple_service = PamdService(self.simple_system_auth_string)
self.assertTrue(simple_service.insert_before('auth', 'required', 'pam_env.so',
new_type='account', new_control='required', new_path='pam_limits.so'))
# Insert After
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_insert_after_rule(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.insert_after('account', 'required', 'pam_unix.so',
new_type='account', new_control='required', new_path='pam_permit.so'))
rules = self.pamd.get("account", "required", "pam_unix.so")
for current_rule in rules:
self.assertTrue(current_rule.next.matches("account", "required", "pam_permit.so"))
def test_insert_after_rule_with_args(self):
self.assertTrue(self.pamd.insert_after('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_permit.so',
new_args='uid'))
rules = self.pamd.get("account", "required", "pam_access.so")
for current_rule in rules:
self.assertTrue(current_rule.next.matches("account", "required", "pam_permit.so", "uid"))
def test_insert_after_test_duplicates(self):
self.assertTrue(self.pamd.insert_after('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_permit.so',
new_args='uid'))
self.assertFalse(self.pamd.insert_after('account', 'required', 'pam_access.so',
new_type='account', new_control='required', new_path='pam_permit.so',
new_args='uid'))
rules = self.pamd.get("account", "required", "pam_access.so")
for current_rule in rules:
self.assertTrue(current_rule.next.matches("account", "required", "pam_permit.so", "uid"))
self.assertFalse(current_rule.next.next.matches("account", "required", "pam_permit.so", "uid"))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
Fix pamd error when inserting a new rule at the end. Fixes #28487 (#28488) * When inserting a new rule in `insert_after_rule`, check if the old rule is the last rule, to avoid a list index out of range error when attempting to access the next rule. * Add a test for inserting a new rule after the last rule.
7 years ago
def test_insert_after_rule_last_rule(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.insert_after('session', 'required', 'pam_unix.so',
new_type='account', new_control='required', new_path='pam_permit.so',
new_args='uid'))
rules = self.pamd.get("session", "required", "pam_unix.so")
for current_rule in rules:
self.assertTrue(current_rule.next.matches("account", "required", "pam_permit.so", "uid"))
# Remove Module Arguments
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_remove_module_arguments_one(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.remove_module_arguments('auth', 'sufficient', 'pam_unix.so', 'nullok'))
def test_remove_module_arguments_one_list(self):
self.assertTrue(self.pamd.remove_module_arguments('auth', 'sufficient', 'pam_unix.so', ['nullok']))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_remove_module_arguments_two(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.remove_module_arguments('session', '[success=1 default=ignore]', 'pam_succeed_if.so', 'service crond'))
def test_remove_module_arguments_two_list(self):
self.assertTrue(self.pamd.remove_module_arguments('session', '[success=1 default=ignore]', 'pam_succeed_if.so', ['service', 'crond']))
def test_remove_module_arguments_where_none_existed(self):
self.assertTrue(self.pamd.add_module_arguments('session', 'required', 'pam_limits.so', 'arg1 arg2= arg3=arg3'))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_add_module_arguments_where_none_existed(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.add_module_arguments('account', 'required', 'pam_unix.so', 'arg1 arg2= arg3=arg3'))
def test_add_module_arguments_where_none_existed_list(self):
self.assertTrue(self.pamd.add_module_arguments('account', 'required', 'pam_unix.so', ['arg1', 'arg2=', 'arg3=arg3']))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_add_module_arguments_where_some_existed(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.add_module_arguments('auth', 'sufficient', 'pam_unix.so', 'arg1 arg2= arg3=arg3'))
Pamd Updates (#25817) * Fix for #25522 Fix for #25855 Fix for #23963 * Minor fix * Updates per bcoca. Fix in regex for silvinux.
7 years ago
def test_remove_rule(self):
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
self.assertTrue(self.pamd.remove('account', 'required', 'pam_unix.so'))
pamd: fix idempotence issue when removing rules (#54105)
6 years ago
# Second run should not change anything
self.assertFalse(self.pamd.remove('account', 'required', 'pam_unix.so'))
Pamd++ (#35709) * Cleaner, more pythonic, shorter, easier to maintain * Added validation
7 years ago
test_rule = PamdRule('account', 'required', 'pam_unix.so')
self.assertNotIn(str(test_rule), str(self.pamd))