pamd: Fix AttributeError when removing the first or last rule (#66398)

pull/66738/head
Sato Kenta 5 years ago committed by Sam Doran
parent e368f788f7
commit a4b59d0213

@ -0,0 +1,2 @@
bugfixes:
- "pamd - Bugfix for attribute error when removing the first or last line"

@ -351,6 +351,8 @@ class PamdRule(PamdLine):
valid_control_actions = ['ignore', 'bad', 'die', 'ok', 'done', 'reset'] valid_control_actions = ['ignore', 'bad', 'die', 'ok', 'done', 'reset']
def __init__(self, rule_type, rule_control, rule_path, rule_args=None): def __init__(self, rule_type, rule_control, rule_path, rule_args=None):
self.prev = None
self.next = None
self._control = None self._control = None
self._args = None self._args = None
self.rule_type = rule_type self.rule_type = rule_type
@ -478,7 +480,8 @@ class PamdService(object):
if current_line.matches(rule_type, rule_control, rule_path): if current_line.matches(rule_type, rule_control, rule_path):
if current_line.prev is not None: if current_line.prev is not None:
current_line.prev.next = current_line.next current_line.prev.next = current_line.next
current_line.next.prev = current_line.prev if current_line.next is not None:
current_line.next.prev = current_line.prev
else: else:
self._head = current_line.next self._head = current_line.next
current_line.next.prev = None current_line.next.prev = None

@ -134,6 +134,12 @@ session required pam_unix.so"""
auth required pam_env.so auth required pam_env.so
""" """
self.no_header_system_auth_string = """auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid
auth required pam_deny.so
"""
self.pamd = PamdService(self.system_auth_string) self.pamd = PamdService(self.system_auth_string)
def test_properly_parsed(self): def test_properly_parsed(self):
@ -353,3 +359,14 @@ session required pam_unix.so"""
self.assertFalse(self.pamd.remove('account', 'required', 'pam_unix.so')) self.assertFalse(self.pamd.remove('account', 'required', 'pam_unix.so'))
test_rule = PamdRule('account', 'required', 'pam_unix.so') test_rule = PamdRule('account', 'required', 'pam_unix.so')
self.assertNotIn(str(test_rule), str(self.pamd)) self.assertNotIn(str(test_rule), str(self.pamd))
def test_remove_first_rule(self):
no_header_service = PamdService(self.no_header_system_auth_string)
self.assertTrue(no_header_service.remove('auth', 'required', 'pam_env.so'))
test_rule = PamdRule('auth', 'required', 'pam_env.so')
self.assertNotIn(str(test_rule), str(no_header_service))
def test_remove_last_rule(self):
self.assertTrue(self.pamd.remove('session', 'required', 'pam_unix.so'))
test_rule = PamdRule('session', 'required', 'pam_unix.so')
self.assertNotIn(str(test_rule), str(self.pamd))

Loading…
Cancel
Save