emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

Add tests from the old svn tree

Browse Source 
We're losing the svn history (which we could probably keep if we tried
hard enough) but don't consider that worthwhile.

Note these tests are destructive, so run them only in a throwaway
environment like a chroot, container, or vm.

The tests/run.all script should be the one which launches all the tests.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This commit is contained in:
Serge Hallyn
2014-09-17 14:42:55 -05:00
parent 2cb54158b8
commit b999d48941
8970 changed files with 336314 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
tests/expiry/03_expiry_-f_expired/config/etc/group Normal file
View File

@@ -0,0 +1,42 @@
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
crontab:x:101:
Debian-exim:x:102:
foo:x

42
tests/expiry/03_expiry_-f_expired/config/etc/gshadow Normal file
View File

@@ -0,0 +1,42 @@
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
crontab:x::
Debian-exim:x::
foo:*::

33
tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password Normal file
View File

@@ -0,0 +1,33 @@
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
# used to change user passwords. The default is pam_unix.
# Explanation of pam_unix options:
#
# The "sha512" option enables salted SHA512 passwords. Without this option,
# the default is Unix crypt. Prior releases used the option "md5".
#
# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
# login.defs.
#
# See the pam_unix manpage for other options.
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
# here are the per-package modules (the "Primary" block)
password [success=1 default=ignore] pam_unix.so obscure sha512
# here's the fallback if no module succeeds
password requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
password required pam_permit.so
# and here are more per-package modules (the "Additional" block)
# end of pam-auth-update config

20
tests/expiry/03_expiry_-f_expired/config/etc/passwd Normal file
View File

@@ -0,0 +1,20 @@
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:102:102::/var/spool/exim4:/bin/false
foo:x:1000:1000:::/bin/false

20
tests/expiry/03_expiry_-f_expired/config/etc/shadow Normal file
View File

@@ -0,0 +1,20 @@
root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::

20
tests/expiry/03_expiry_-f_expired/data/shadow Normal file
View File

@@ -0,0 +1,20 @@
root:@PASS_SHA512 password@:@TODAY@:0:1:7:::
daemon:*:12977:0:99999:7:::
bin:*:12977:0:99999:7:::
sys:*:12977:0:99999:7:::
sync:*:12977:0:99999:7:::
games:*:12977:0:99999:7:::
man:*:12977:0:99999:7:::
lp:*:12977:0:99999:7:::
mail:*:12977:0:99999:7:::
news:*:12977:0:99999:7:::
uucp:*:12977:0:99999:7:::
proxy:*:12977:0:99999:7:::
www-data:*:12977:0:99999:7:::
backup:*:12977:0:99999:7:::
list:*:12977:0:99999:7:::
irc:*:12977:0:99999:7:::
gnats:*:12977:0:99999:7:::
nobody:*:12977:0:99999:7:::
Debian-exim:!:12977:0:99999:7:::
foo:!:12977:0:99999:7:::

23
tests/expiry/03_expiry_-f_expired/expiry.exp Executable file
View File

@@ -0,0 +1,23 @@
#!/usr/bin/expect
set timeout 2
expect_after default {puts "\nFAIL"; exit 1}
spawn /bin/sh
send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
expect "# "
send "expiry -f\r"
expect "Your password has expired. Choose a new password."
expect "Enter new UNIX password: "
send "password\r"
expect "Retype new UNIX password: "
send "password\r"
expect "passwd: password updated successfully"
expect "# "
send "echo \$?\r"
expect "0"
expect "# "
send "exit\r"
puts "OK\n"
exit 0

37
tests/expiry/03_expiry_-f_expired/expiry.test Executable file
View File

@@ -0,0 +1,37 @@
#!/bin/sh
set -e
cd $(dirname $0)
. ../../common/config.sh
. ../../common/log.sh
log_start "$0" "expiry can verify that a password is not expired"
save_config
# restore the files on exit
trap 'log_status "$0" "FAILURE"; restore_config' 0
change_config
./expiry.exp
echo -n "Check the passwd file..."
../../common/compare_file.pl config/etc/passwd /etc/passwd
echo "OK"
echo -n "Check the group file..."
../../common/compare_file.pl config/etc/group /etc/group
echo "OK"
echo -n "Check the shadow file..."
../../common/compare_file.pl data/shadow /etc/shadow
echo "OK"
echo -n "Check the gshadow file..."
../../common/compare_file.pl config/etc/gshadow /etc/gshadow
echo "OK"
log_status "$0" "SUCCESS"
restore_config
trap '' 0